Update go/ql/src/experimental/CWE-525/WebCacheDeception.ql

Co-authored-by: Owen Mansel-Chan <62447351+owen-mc@users.noreply.github.com>
Yunus AYDIN
2023-12-13 19:35:59 +03:00
committed by GitHub
parent 0ea27c6e9b
commit 221e281f73


@@ -1,6 +1,6 @@
/*
* @name Web Cache Deception
* @description A caching system has been detected on the application and is vulnerable to web cache deception on Gofiber. By manipulating the URL it is possible to force the application to cache pages that are only accessible by an authenticated user. Once cached, these pages can be accessed by an unauthenticated user.
* @description A caching system has been detected on the application and is vulnerable to web cache deception. By manipulating the URL it is possible to force the application to cache pages that are only accessible by an authenticated user. Once cached, these pages can be accessed by an unauthenticated user.
* @kind problem
* @problem.severity error
* @security-severity 9
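Review bot: The reworded `@description` drops "on Gofiber" but still reads as an alert message ("A caching system has been detected on the application and is vulnerable") rather than a statement of what the query looks for. With the framework name gone, nothing in the header tells a reader which caching or routing setups are covered, while `@problem.severity error` and `@security-severity 9` present every result as a confirmed high-severity finding. Consider rewriting the description to name the pattern being flagged (for example, cached responses served for authenticated routes whose path matching accepts attacker-chosen suffixes) and stating the supported frameworks, either here or in the accompanying query help, so that triagers can judge whether a result applies to their stack.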