Security Misconfiguration: HSTS - includeSubDomains
Include subdomains in the HSTS domain
- error
- java
- Spring
- security
- framework specific
- web
- Spring Security
- OWASP Top 10
Sensitive Information: SMS: intent.putExtra
Usage of SMS discouraged
- error
- java
- security
- framework specific
- mobile
- Android
Sensitive Information: SMS: Uri.parse
Usage of SMS discouraged
- error
- java
- security
- framework specific
- mobile
- Android
Session configuration: Cookie: Configure HttpOnly flag
Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true
- error
- java
- security
- web
- OWASP Top 10
Session configuration: Cookies: Configure HttpOnly flag
Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true
- error
- java
- Spring
- security
- framework specific
- web
- Spring Boot
- OWASP Top 10
Session configuration: Cookies: Configure HttpOnly flag
Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true
- error
- java
- security
- web
- Apache Shiro
- OWASP Top 10
Session configuration: Cookies: Configure Secure flag
Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true
- error
- java
- Spring
- security
- framework specific
- web
- Spring Web
- OWASP Top 10
Session configuration: Cookies: Configure Secure flag
Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true
- error
- java
- Spring
- security
- framework specific
- web
- Spring Boot
- OWASP Top 10
Session configuration: Cookies: Configure Secure flag
Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true
- error
- java
- security
- web
- OWASP Top 10
Session configuration: Cookies: Configure Secure flag
Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true
- error
- java
- security
- web
- Apache Shiro
- OWASP Top 10
Session configuration: Cookies: Set HttpOnly flag to true
Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true
- error
- java
- Spring
- security
- framework specific
- web
- Spring Web
- OWASP Top 10
Session configuration: Cookies: Set HttpOnly flag to true
Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true
- error
- java
- Spring
- security
- framework specific
- web
- Spring Boot
- OWASP Top 10
Session configuration: Cookies: Set HttpOnly flag to true
Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true
- error
- java
- security
- web
- OWASP Top 10
Session configuration: Cookies: Set HttpOnly flag to true
Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true
- error
- java
- security
- web
- Apache Shiro
- OWASP Top 10
Session configuration: Cookies: Set Secure flag to true
Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true
- error
- java
- security
- web
- Apache Shiro
- OWASP Top 10
Session configuration: Cookies: Set Secure flag to true
Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true
- error
- java
- Spring
- security
- framework specific
- web
- Spring Boot
- OWASP Top 10
Session configuration: Cookies: Set Secure flag to true
Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true
- error
- java
- security
- web
- OWASP Top 10
Session configuration: Cookies: Set Secure flag to true
Prevent a cookie being sent over unencrypted HTTP by setting the Secure flag to true
- error
- java
- Spring
- security
- framework specific
- web
- Spring Web
- OWASP Top 10
Session configuration: HttpCookie: Configure HttpOnly flag
Prevent client-side scripts from accessing the cookie by setting the HttpOnly flag to true
- error
- java
- security
- web
- OWASP Top 10
Session management: Avoid CSRF: Use narrow mapping for state-changing methods
A RequestMapping with no method specified maps to any HTTP request method
- error
- java
- Spring
- security
- framework specific
- web
- Spring Web
- CSRF
Should use requiresSecure
Use of HTTP instead of HTTPS is insecure
- error
- java
- Spring
- security
- framework specific
- web
- Spring Security
- OWASP Top 10
Spring Data Neo4jClient#query is vulnerable to injections
Spring Data Neo4jClient#query is vulnerable to injections
- error
- java
- security
- Neo4j
- framework specific
- OWASP Top 10
- injection
- Spring Data
Spring Security: race condition: SecurityContextHolder.getContext.setAuthentication
It is important to create a new SecurityContext instance to avoid race conditions across multiple threads.
- error
- java
- Spring
- security
- framework specific
- web
- Spring Security
SQL Injection: SQLiteDatabase#execSQL
This query could lead to SQL injection
- error
- java
- security
- framework specific
- mobile
- injection
- Android
- SQL
- OWASP Top 10
SQL Injection: SQLiteDatabase#query - 1st parameter
This query could lead to SQL injection
- error
- java
- security
- framework specific
- mobile
- injection
- Android
- SQL
- OWASP Top 10