Parameter_Tampering @ /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java

[smaguilarcx]

Checkmarx (SAST): Parameter_Tampering
Security Issue: Read More about Parameter_Tampering
Checkmarx Project: smaguilarcx/Webgoat_eu_CxOne
Repository URL: https://github.com/smaguilarcx/Webgoat_eu_CxOne
Branch: main
Scan ID: 90adb9be-7e9c-4385-b96b-20f5c5abf263

---

Method completed at line 58 of /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java gets user input from element action_string. This input is later concatenated by the application directly into a string variable containing SQL commands, without being validated. This string is then used in method injectableQueryAvailability to query the database executeQuery, at line 71 of /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java, without any additional filtering by the database. This could allow the user to tamper with the filter parameter.

Result 1:
Severity: MEDIUM
State: CONFIRMED
Status: RECURRENT
Attack Vector:

    1. action_string: /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java[58,54]
    2. action_string: /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java[59,40]
    3. action: /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java[62,61]
    4. action: /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java[64,70]
    5. query: /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java[64,12]
    6. query: /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java[71,52]
    7. executeQuery: /src/main/java/org/owasp/webgoat/lessons/sqlinjection/introduction/SqlInjectionLesson10.java[71,51]
    Review result in Checkmarx One: Parameter_Tampering