Uploaded image for project: 'Portal'
  1. Portal
  2. PORTAL-1070

fix CRITICAL sql-injection issues identified in sonarcloud

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Highest Highest
    • Istanbul Release
    • Istanbul Release
    • None

      Sonarcloud identified the following security bugs in your project and, as agreed by the TSC, should be fixed within the Istanbul release. Any not finished in Istanbul must be fixed within the Jakarta release. Follow each of the URLs for details on each each bug, along with recommended fixes.

       

      The verification URL for these issues will be https://sonarcloud.io/organizations/onap/issues?id=onap_portal&resolved=false&sonarsourceSecurity=sql-injection
       
      If any of the links below fail, please find your code on the master list found at <https://sonarcloud.io/organizations/onap/issues?resolved=false&sonarsourceSecurity=sql-injection>.

       

      [Project: onap_portal
      Component: onap_portal:ecomp-portal-widget-ms/widget-ms/src/main/java/org/onap/portalapp/widget/service/impl/WidgetCatalogServiceImpl.java
      Message: Change this code to not construct SQL queries directly from user-controlled data.
      Severity: BLOCKER
      Line: 142
      Effort: 30min
      Creation-Date: 2020-05-13T08:06:26+0200
      URL: https://sonarcloud.io/project/issues?id=onap_portal&issues=AXIMp1sJ8Y_K5k8sMwrW&open=AXIMp1sJ8Y_K5k8sMwrW

            tattasunder tattasunder
            zwarico Amy Zwarico
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: