gh-fortify-sast.sarif

{
  "$schema" : "https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json",
  "version" : "2.1.0",
  "runs" : [ {
    "tool" : {
      "driver" : {
        "name" : "Fortify on Demand",
        "version" : "SCA 21.1.1.0009; Rulepack 2021.3.0.0007",
        "rules" : [ {
          "id" : "24249584",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class LoginWithRecoveryCodeModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/08ae0fd3-2079-45cc-a1a7-0345e06b75a1"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249585",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class LoginWith2faModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/8ab8b4a4-7867-448c-8af0-09c1f32697d0"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249586",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class ForgotPasswordModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/7921ee97-eafd-42f8-a924-c136e223dc70"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249589",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class ChangePasswordModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/fea4fc5a-2b4e-48da-920b-abf1725376cf"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249590",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class EnableAuthenticatorModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/d70ed2ac-3dbf-435d-a4f6-80ccb00222a7"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249591",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class RegisterModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/0c0652f4-7fa0-49d2-a758-04ed4ce36ba3"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249592",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class EmailModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/d05c1faf-0868-4acd-8145-cbe6efeeab9b"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249593",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class ResetPasswordModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/d8f0f9b5-2f65-464c-8f1e-ce8eef3e5710"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249594",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class SetPasswordModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/056024e6-c69e-43f4-bd99-86630f2232a7"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249595",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class DeletePersonalDataModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/086c7ad7-494c-47db-9ed1-1aaaf4cc2238"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249597",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class ExternalLoginModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/5aa9587d-b14a-4e05-9323-fd7e9392bce2"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249600",
          "shortDescription" : {
            "text" : "ASP.NET MVC Bad Practices: Optional Submodel With Required Property"
          },
          "fullDescription" : {
            "text" : "The model class LoginModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
          },
          "help" : {
            "text" : "If a model class has required property and is the type of an optional member of a parent model class, it may be susceptible to under-posting attacks if an attacker communicates a request that contains less data than is expected.\n\nThe ASP.NET MVC framework will try to bind request parameters to model properties, including submodels.\n\nIf a submodel is optional -- that is, the parent model has a property without the [Required] attribute -- and if an attacker does not communicate that submodel, then the parent property will have a null value and the required fields of the child model will not be asserted by model validation. This is one form of an under-posting attack.\n\nConsider the following the model class definitions:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\npublic ChildModel Child { get; set; }\n}\n\n\nIf an attacker does not communicate a value for the ParentModel.Child property, then the ChildModel.RequiredProperty property will have a [Required] which is not asserted. This may produce unexpected and undesirable results.\n\nMake the child model field required:\n\n\npublic class ChildModel\n{\npublic ChildModel()\n{\n}\n\n[Required]\npublic String RequiredProperty { get; set; }\n}\n\npublic class ParentModel\n{\npublic ParentModel()\n{\n}\n\n[Required]\npublic ChildModel Child { get; set; }\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/1094c961-eb94-48fe-a7e3-cfae530173d8"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249603",
          "shortDescription" : {
            "text" : "JSON Injection"
          },
          "fullDescription" : {
            "text" : "On line 74 of SiteController.cs, the method SubscribeNewsletterJSON() writes unvalidated input into JSON. This call could allow an attacker to inject arbitrary elements or attributes into the JSON entity.The method writes unvalidated input into JSON. This call could allow an attacker to inject arbitrary elements or attributes into the JSON entity."
          },
          "help" : {
            "text" : "JSON injection occurs when:\n\n1. Data enters a program from an untrusted source.\n\nIn this case, the data enters at SubscribeNewsletterJSON() in SiteController.cs on line 53.\n\n\n2. The data is written to a JSON stream.\n\nIn this case, the JSON is written by WriteRawValue() in SiteController.cs on line 74.\n\nApplications typically use JSON to store data or send messages. When used to store data, JSON is often treated like cached data and may potentially contain sensitive information. When used to send messages, JSON is often used in conjunction with a RESTful service and can be used to transmit sensitive information such as authentication credentials.\n\nThe semantics of JSON documents and messages can be altered if an application constructs JSON from unvalidated input. In a relatively benign case, an attacker may be able to insert extraneous elements that cause an application to throw an exception while parsing a JSON document or request. In a more serious case, such as ones that involves JSON injection, an attacker may be able to insert extraneous elements that allow for the predictable manipulation of business critical values within a JSON document or request. In some cases, JSON injection can lead to cross-site scripting or dynamic code evaluation.\n\nExample 1: The following C# code uses JSON.NET to serialize user account authentication information for non-privileged users (those with a role of \"default\" as opposed to privileged users with a role of \"admin\") from user-controlled input variables username and password to the JSON file located at C:\\user_info.json:\n\n\n...\n\nStringBuilder sb = new StringBuilder();\nStringWriter sw = new StringWriter(sb);\n\nusing (JsonWriter writer = new JsonTextWriter(sw))\n{\nwriter.Formatting = Formatting.Indented;\n\nwriter.WriteStartObject();\n\nwriter.WritePropertyName(\"role\");\nwriter.WriteRawValue(\"\\\"default\\\"\");\n\nwriter.WritePropertyName(\"username\");\nwriter.WriteRawValue(\"\\\"\" + username + \"\\\"\");\n\nwriter.WritePropertyName(\"password\");\nwriter.WriteRawValue(\"\\\"\" + password + \"\\\"\");\n\nwriter.WriteEndObject();\n}\n\nFile.WriteAllText(@\"C:\\user_info.json\", sb.ToString());\n\n\nYet, because the JSON serialization is performed using JsonWriter.WriteRawValue(), the untrusted data in username and password will not be validated to escape JSON-related special characters. This allows a user to arbitrarily insert JSON keys, possibly changing the structure of the serialized JSON. In this example, if the non-privileged user mallory with password Evil123! were to append \",\"role\":\"admin to her username when entering it at the prompt that sets the value of the username variable, the resulting JSON saved to C:\\user_info.json would be:\n\n\n{\n\"role\":\"default\",\n\"username\":\"mallory\",\n\"role\":\"admin\",\n\"password\":\"Evil123!\"\n}\n\n\nIf this serialized JSON file were then deserialized to a Dictionary object with JsonConvert.DeserializeObject() as so:\n\n\nString jsonString = File.ReadAllText(@\"C:\\user_info.json\");\n\nDictionary<string, string> userInfo = JsonConvert.DeserializeObject<Dictionary<string, strin>>(jsonString);\n\n\nThe resulting values for the username, password, and role keys in the Dictionary object would be mallory, Evil123!, and admin respectively. Without further verification that the deserialized JSON values are valid, the application will incorrectly assign user mallory \"admin\" privileges.\n\nWhen writing user supplied data to JSON, follow these guidelines:\n\n1. Do not create JSON attributes with names that are derived from user input.\n\n2. Ensure that all serialization to JSON is performed using a safe serialization function that delimits untrusted data within single or double quotes and escapes any special characters.\n\nExample 2: The following C# code implements the same functionality as that in Example 1, but instead uses JsonWriter.WriteValue() rather than JsonWriter.writeRawValue() to serialize the data, therefore ensuring that any untrusted data is properly delimited and escaped:\n\n\n...\n\nStringBuilder sb = new StringBuilder();\nStringWriter sw = new StringWriter(sb);\n\nusing (JsonWriter writer = new JsonTextWriter(sw))\n{\nwriter.Formatting = Formatting.Indented;\n\nwriter.WriteStartObject();\n\nwriter.WritePropertyName(\"role\");\nwriter.WriteValue(\"default\");\n\nwriter.WritePropertyName(\"username\");\nwriter.WriteValue(username);\n\nwriter.WritePropertyName(\"password\");\nwriter.WriteValue(password);\n\nwriter.WriteEndObject();\n}\n\nFile.WriteAllText(@\"C:\\user_info.json\", sb.ToString());\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/26bc968a-5261-43b2-815a-5d0f30cbcefe"
          },
          "properties" : {
            "tags" : [ "Low" ],
            "precision" : "low",
            "security-severity" : "3.9"
          }
        }, {
          "id" : "24249604",
          "shortDescription" : {
            "text" : "JSON Injection"
          },
          "fullDescription" : {
            "text" : "On line 71 of SiteController.cs, the method SubscribeNewsletterJSON() writes unvalidated input into JSON. This call could allow an attacker to inject arbitrary elements or attributes into the JSON entity.The method writes unvalidated input into JSON. This call could allow an attacker to inject arbitrary elements or attributes into the JSON entity."
          },
          "help" : {
            "text" : "JSON injection occurs when:\n\n1. Data enters a program from an untrusted source.\n\nIn this case, the data enters at SubscribeNewsletterJSON() in SiteController.cs on line 53.\n\n\n2. The data is written to a JSON stream.\n\nIn this case, the JSON is written by WriteRawValue() in SiteController.cs on line 71.\n\nApplications typically use JSON to store data or send messages. When used to store data, JSON is often treated like cached data and may potentially contain sensitive information. When used to send messages, JSON is often used in conjunction with a RESTful service and can be used to transmit sensitive information such as authentication credentials.\n\nThe semantics of JSON documents and messages can be altered if an application constructs JSON from unvalidated input. In a relatively benign case, an attacker may be able to insert extraneous elements that cause an application to throw an exception while parsing a JSON document or request. In a more serious case, such as ones that involves JSON injection, an attacker may be able to insert extraneous elements that allow for the predictable manipulation of business critical values within a JSON document or request. In some cases, JSON injection can lead to cross-site scripting or dynamic code evaluation.\n\nExample 1: The following C# code uses JSON.NET to serialize user account authentication information for non-privileged users (those with a role of \"default\" as opposed to privileged users with a role of \"admin\") from user-controlled input variables username and password to the JSON file located at C:\\user_info.json:\n\n\n...\n\nStringBuilder sb = new StringBuilder();\nStringWriter sw = new StringWriter(sb);\n\nusing (JsonWriter writer = new JsonTextWriter(sw))\n{\nwriter.Formatting = Formatting.Indented;\n\nwriter.WriteStartObject();\n\nwriter.WritePropertyName(\"role\");\nwriter.WriteRawValue(\"\\\"default\\\"\");\n\nwriter.WritePropertyName(\"username\");\nwriter.WriteRawValue(\"\\\"\" + username + \"\\\"\");\n\nwriter.WritePropertyName(\"password\");\nwriter.WriteRawValue(\"\\\"\" + password + \"\\\"\");\n\nwriter.WriteEndObject();\n}\n\nFile.WriteAllText(@\"C:\\user_info.json\", sb.ToString());\n\n\nYet, because the JSON serialization is performed using JsonWriter.WriteRawValue(), the untrusted data in username and password will not be validated to escape JSON-related special characters. This allows a user to arbitrarily insert JSON keys, possibly changing the structure of the serialized JSON. In this example, if the non-privileged user mallory with password Evil123! were to append \",\"role\":\"admin to her username when entering it at the prompt that sets the value of the username variable, the resulting JSON saved to C:\\user_info.json would be:\n\n\n{\n\"role\":\"default\",\n\"username\":\"mallory\",\n\"role\":\"admin\",\n\"password\":\"Evil123!\"\n}\n\n\nIf this serialized JSON file were then deserialized to a Dictionary object with JsonConvert.DeserializeObject() as so:\n\n\nString jsonString = File.ReadAllText(@\"C:\\user_info.json\");\n\nDictionary<string, string> userInfo = JsonConvert.DeserializeObject<Dictionary<string, strin>>(jsonString);\n\n\nThe resulting values for the username, password, and role keys in the Dictionary object would be mallory, Evil123!, and admin respectively. Without further verification that the deserialized JSON values are valid, the application will incorrectly assign user mallory \"admin\" privileges.\n\nWhen writing user supplied data to JSON, follow these guidelines:\n\n1. Do not create JSON attributes with names that are derived from user input.\n\n2. Ensure that all serialization to JSON is performed using a safe serialization function that delimits untrusted data within single or double quotes and escapes any special characters.\n\nExample 2: The following C# code implements the same functionality as that in Example 1, but instead uses JsonWriter.WriteValue() rather than JsonWriter.writeRawValue() to serialize the data, therefore ensuring that any untrusted data is properly delimited and escaped:\n\n\n...\n\nStringBuilder sb = new StringBuilder();\nStringWriter sw = new StringWriter(sb);\n\nusing (JsonWriter writer = new JsonTextWriter(sw))\n{\nwriter.Formatting = Formatting.Indented;\n\nwriter.WriteStartObject();\n\nwriter.WritePropertyName(\"role\");\nwriter.WriteValue(\"default\");\n\nwriter.WritePropertyName(\"username\");\nwriter.WriteValue(username);\n\nwriter.WritePropertyName(\"password\");\nwriter.WriteValue(password);\n\nwriter.WriteEndObject();\n}\n\nFile.WriteAllText(@\"C:\\user_info.json\", sb.ToString());\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/646941cc-d904-4f5a-9ec0-4718e5dc99a7"
          },
          "properties" : {
            "tags" : [ "Low" ],
            "precision" : "low",
            "security-severity" : "3.9"
          }
        }, {
          "id" : "24249587",
          "shortDescription" : {
            "text" : "Mass Assignment: Insecure Binder Configuration"
          },
          "fullDescription" : {
            "text" : "The framework binder used for binding the HTTP request parameters to the model class in  on line 106 has not been explicitly configured to allow, or disallow, certain attributes.The framework binder used for binding the HTTP request parameters to the model class has not been explicitly configured to allow, or disallow, certain attributes."
          },
          "help" : {
            "text" : "To ease development and increase productivity, most modern frameworks allow an object to be automatically instantiated and populated with the HTTP request parameters whose names match an attribute of the class to be bound. Automatic instantiation and population of objects speeds up development, but can lead to serious problems if implemented without caution. Any attribute in the bound classes, or nested classes, will be automatically bound to the HTTP request parameters. Therefore, malicious users will be able to assign a value to any attribute in bound or nested classes, even if they are not exposed to the client through web forms or API contracts.\n\nExample 1: With no additional configuration, the following ASP.NET MVC controller method will bind the HTTP request parameters to any attribute in the RegisterModel or Details classes:\n\n\npublic ActionResult Register(RegisterModel model)\n{\nif (ModelState.IsValid)\n{\ntry\n{\nreturn RedirectToAction(\"Index\", \"Home\");\n}\ncatch (MembershipCreateUserException e)\n{\nModelState.AddModelError(\"\", \"\");\n}\n}\nreturn View(model);\n}\n\n\nWhere RegisterModel class is defined as:\n\n\npublic class RegisterModel\n{\n[BindRequired]\n[Display(Name = \"User name\")]\npublic string UserName { get; set; }\n\n[BindRequired]\n[DataType(DataType.Password)]\n[Display(Name = \"Password\")]\npublic string Password { get; set; }\n\n[DataType(DataType.Password)]\n[Display(Name = \"Confirm password\")]\npublic string ConfirmPassword { get; set; }\n\npublic Details Details { get; set; }\n\npublic RegisterModel()\n{\nDetails = new Details();\n}\n}\n\n\nand Details class is defined as:\n\n\npublic class Details\n{\npublic bool IsAdmin { get; set; }\n...\n}\n\n\nExample 2: When using TryUpdateModel() or UpdateModel() in ASP.NET MVC or Web API applications, the model binder will automatically try to bind all HTTP request parameters by default:\n\n\npublic ViewResult Register()\n{\nvar model = new RegisterModel();\nTryUpdateModel<RegisterModel>(model);\nreturn View(\"detail\", model);\n}\n\n\nExample 3: In ASP.NET Web API applications, the model binder will automatically try to bind all HTTP request parameters by default using the configured JSON or XML serializer/deserializer. By default, the binder will try to bind all possible attributes from the HTTP request parameters or body:\n\n\npublic class ProductsController : ApiController\n{\npublic string SaveProduct([FromBody] Product p)\n{\nreturn p.Name;\n}\n...\n}\n\n\nExample 4: In ASP.NET Web Form applications, the model binder will automatically try to bind all HTTP request parameters when using TryUpdateModel() or UpdateModel() with IValueProvider interface.\n\nEmployee emp = new Employee();\nTryUpdateModel(emp, new System.Web.ModelBinding.FormValueProvider(ModelBindingExecutionContext));\nif (ModelState.IsValid)\n{\ndb.SaveChanges();\n}\n\n\nand Employee class is defined as:\n\n\npublic class Employee\n{\npublic Employee()\n{\nIsAdmin = false;\nIsManager = false;\n}\npublic string Name { get; set; }\npublic string Email { get; set; }\npublic bool IsManager { get; set; }\npublic bool IsAdmin { get; set; }\n}\n\n\nWhen using frameworks that provide automatic model binding capabilities, it is a best practice to control which attributes will be bound to the model object so that even if attackers are able to identify other non-exposed attributes of the model or nested classes, they will not be able to bind arbitrary values from HTTP request parameters.\n\nDepending on the framework used there will be different ways to control the model binding process:\n\nExample 5: It is possible to control the ASP.NET MVC model binding process using opt-in approach, decorate the class with the [DataContract] attribute. If this attribute is present, members are ignored unless they have the [DataMember] attribute:\n\n\n[DataContract]\npublic class Details\n{\npublic Details()\n{\nIsAdmin = false;\n}\n\n[DataMember]\npublic int Id { get; set; }\n\npublic bool IsAdmin { get; set; }\n...\n}\n\n\n\nExample 6: It is also possible to control the ASP.NET MVC model binding process using opt-out approach, decorate the members with the [IgnoreDataMember] attribute. If this attribute is present then, those members are ignored during the model binding process:\n\n\npublic class Details\n{\npublic Details()\n{\nIsAdmin = false;\n}\n[IgnoreDataMember]\npublic bool IsAdmin { get; set; }\n...\n}\n\n\nExample 7: In ASP.NET Web API applications, the model classes bound to the HTTP request parameters can be annotated to control the binding process. You can use [BindRequired] and [BindNever] to specifically state whether a property or entire class should be bound:\n\n\n[BindNever]\npublic class Details\n{\npublic Details()\n{\nIsAdmin = false;\n}\npublic bool IsAdmin { get; set; }\n...\n}\n\n\nExample 8: In ASP.NET Web Form applications, you can use [BindRequired] and [BindNever] to specifically state whether a property or entire class should be bound:\n\n\npublic class Employee\n{\npublic Employee()\n{\nIsAdmin = false;\nIsManager = false;\n}\npublic string Name { get; set; }\npublic string Email { get; set; }\n\n[BindNever]\npublic bool IsManager { get; set; }\n[BindNever]\npublic bool IsAdmin { get; set; }\n}\n\n\nA different approach to protecting against mass assignment vulnerabilities is using a layered architecture where the HTTP request parameters are bound to DTO objects. The DTO objects are only used for that purpose, exposing only those attributes defined in the web forms or API contracts, and then mapping these DTO objects to Domain objects where the rest of the private attributes can be defined.\n\nFor more information, see https://emea.fortify.com//redirect/Issues/85b1d0ee-ad92-4f43-890c-2fe913243b2c"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249596",
          "shortDescription" : {
            "text" : "Mass Assignment: Insecure Binder Configuration"
          },
          "fullDescription" : {
            "text" : "The framework binder used for binding the HTTP request parameters to the model class in  on line 72 has not been explicitly configured to allow, or disallow, certain attributes.The framework binder used for binding the HTTP request parameters to the model class has not been explicitly configured to allow, or disallow, certain attributes."
          },
          "help" : {
            "text" : "To ease development and increase productivity, most modern frameworks allow an object to be automatically instantiated and populated with the HTTP request parameters whose names match an attribute of the class to be bound. Automatic instantiation and population of objects speeds up development, but can lead to serious problems if implemented without caution. Any attribute in the bound classes, or nested classes, will be automatically bound to the HTTP request parameters. Therefore, malicious users will be able to assign a value to any attribute in bound or nested classes, even if they are not exposed to the client through web forms or API contracts.\n\nExample 1: With no additional configuration, the following ASP.NET MVC controller method will bind the HTTP request parameters to any attribute in the RegisterModel or Details classes:\n\n\npublic ActionResult Register(RegisterModel model)\n{\nif (ModelState.IsValid)\n{\ntry\n{\nreturn RedirectToAction(\"Index\", \"Home\");\n}\ncatch (MembershipCreateUserException e)\n{\nModelState.AddModelError(\"\", \"\");\n}\n}\nreturn View(model);\n}\n\n\nWhere RegisterModel class is defined as:\n\n\npublic class RegisterModel\n{\n[BindRequired]\n[Display(Name = \"User name\")]\npublic string UserName { get; set; }\n\n[BindRequired]\n[DataType(DataType.Password)]\n[Display(Name = \"Password\")]\npublic string Password { get; set; }\n\n[DataType(DataType.Password)]\n[Display(Name = \"Confirm password\")]\npublic string ConfirmPassword { get; set; }\n\npublic Details Details { get; set; }\n\npublic RegisterModel()\n{\nDetails = new Details();\n}\n}\n\n\nand Details class is defined as:\n\n\npublic class Details\n{\npublic bool IsAdmin { get; set; }\n...\n}\n\n\nExample 2: When using TryUpdateModel() or UpdateModel() in ASP.NET MVC or Web API applications, the model binder will automatically try to bind all HTTP request parameters by default:\n\n\npublic ViewResult Register()\n{\nvar model = new RegisterModel();\nTryUpdateModel<RegisterModel>(model);\nreturn View(\"detail\", model);\n}\n\n\nExample 3: In ASP.NET Web API applications, the model binder will automatically try to bind all HTTP request parameters by default using the configured JSON or XML serializer/deserializer. By default, the binder will try to bind all possible attributes from the HTTP request parameters or body:\n\n\npublic class ProductsController : ApiController\n{\npublic string SaveProduct([FromBody] Product p)\n{\nreturn p.Name;\n}\n...\n}\n\n\nExample 4: In ASP.NET Web Form applications, the model binder will automatically try to bind all HTTP request parameters when using TryUpdateModel() or UpdateModel() with IValueProvider interface.\n\nEmployee emp = new Employee();\nTryUpdateModel(emp, new System.Web.ModelBinding.FormValueProvider(ModelBindingExecutionContext));\nif (ModelState.IsValid)\n{\ndb.SaveChanges();\n}\n\n\nand Employee class is defined as:\n\n\npublic class Employee\n{\npublic Employee()\n{\nIsAdmin = false;\nIsManager = false;\n}\npublic string Name { get; set; }\npublic string Email { get; set; }\npublic bool IsManager { get; set; }\npublic bool IsAdmin { get; set; }\n}\n\n\nWhen using frameworks that provide automatic model binding capabilities, it is a best practice to control which attributes will be bound to the model object so that even if attackers are able to identify other non-exposed attributes of the model or nested classes, they will not be able to bind arbitrary values from HTTP request parameters.\n\nDepending on the framework used there will be different ways to control the model binding process:\n\nExample 5: It is possible to control the ASP.NET MVC model binding process using opt-in approach, decorate the class with the [DataContract] attribute. If this attribute is present, members are ignored unless they have the [DataMember] attribute:\n\n\n[DataContract]\npublic class Details\n{\npublic Details()\n{\nIsAdmin = false;\n}\n\n[DataMember]\npublic int Id { get; set; }\n\npublic bool IsAdmin { get; set; }\n...\n}\n\n\n\nExample 6: It is also possible to control the ASP.NET MVC model binding process using opt-out approach, decorate the members with the [IgnoreDataMember] attribute. If this attribute is present then, those members are ignored during the model binding process:\n\n\npublic class Details\n{\npublic Details()\n{\nIsAdmin = false;\n}\n[IgnoreDataMember]\npublic bool IsAdmin { get; set; }\n...\n}\n\n\nExample 7: In ASP.NET Web API applications, the model classes bound to the HTTP request parameters can be annotated to control the binding process. You can use [BindRequired] and [BindNever] to specifically state whether a property or entire class should be bound:\n\n\n[BindNever]\npublic class Details\n{\npublic Details()\n{\nIsAdmin = false;\n}\npublic bool IsAdmin { get; set; }\n...\n}\n\n\nExample 8: In ASP.NET Web Form applications, you can use [BindRequired] and [BindNever] to specifically state whether a property or entire class should be bound:\n\n\npublic class Employee\n{\npublic Employee()\n{\nIsAdmin = false;\nIsManager = false;\n}\npublic string Name { get; set; }\npublic string Email { get; set; }\n\n[BindNever]\npublic bool IsManager { get; set; }\n[BindNever]\npublic bool IsAdmin { get; set; }\n}\n\n\nA different approach to protecting against mass assignment vulnerabilities is using a layered architecture where the HTTP request parameters are bound to DTO objects. The DTO objects are only used for that purpose, exposing only those attributes defined in the web forms or API contracts, and then mapping these DTO objects to Domain objects where the rest of the private attributes can be defined.\n\nFor more information, see https://emea.fortify.com//redirect/Issues/21646bba-1b46-425e-8053-40a98dc7ff96"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249588",
          "shortDescription" : {
            "text" : "Mass Assignment: Sensitive Field Exposure"
          },
          "fullDescription" : {
            "text" : "A sensitive field defined in Product.cs on line 27 is exposed to the model binder.A sensitive field is exposed to the model binder."
          },
          "help" : {
            "text" : "Modern frameworks allow developers to automatically bind HTTP request parameters from both request query and body into model objects for ease of development and increase of productivity. If the binder is not correctly configured to control which HTTP request parameters are bound to which model attributes, an attacker may be able to abuse the model binding process and set any other attributes that should not be exposed to user control. This binding is possible even if the model attributes do not appear in the web forms or API contracts.\n\nExample 1: The following ASP.NET MVC controller method (Register) is accessed from a web form that asks the users to register an account by providing their name and password:\n\n\npublic ActionResult Register(RegisterModel model)\n{\nif (ModelState.IsValid)\n{\ntry\n{\nreturn RedirectToAction(\"Index\", \"Home\");\n}\ncatch (MembershipCreateUserException e)\n{\nModelState.AddModelError(\"\", \"\");\n}\n}\nreturn View(model);\n}\n\n\nWhere RegisterModel class is defined as:\n\n\npublic class RegisterModel\n{\n[BindRequired]\n[Display(Name = \"User name\")]\npublic string UserName { get; set; }\n\n[BindRequired]\n[DataType(DataType.Password)]\n[Display(Name = \"Password\")]\npublic string Password { get; set; }\n\n[DataType(DataType.Password)]\n[Display(Name = \"Confirm password\")]\npublic string ConfirmPassword { get; set; }\n\npublic Details Details { get; set; }\n\npublic RegisterModel()\n{\nDetails = new Details();\n}\n}\n\n\nand Details class is defined as:\n\n\npublic class Details\n{\npublic bool IsAdmin { get; set; }\n...\n}\n\n\nGiven the scenario in Example 1, an attacker may be able to explore the application and discover that there is a Details attribute in the RegisterModel model. If this is the case, the attacker may then attempt to overwrite the current values assigned to their attributes.\nIf an attacker can find out these internal attributes, and the framework binder is not correctly configured in order to disallow binding of these attributes, then the attacker would be able to register an administrator account by sending the following request:\n\n\nname=John&password=****&details.is_admin=true\n\n\nIn order to avoid mass assignment vulnerabilities it is important to control the HTTP request to model class binding process. There are different alternatives depending on the framework used:\n\nArchitectural: Define dedicated DTO classes to be bound to user data and containing only those attributes that should be exposed to end users. Map their attributes with the Domain Objects used along the application. These Domain Objects will contain attributes to receive the validated user data and extra attributes that should never be exposed to user control.\n\nBinder configuration: Certain model binders allow the developers to accept or reject HTTP request parameters based on their names.\n\nExample 2: \n\n\npublic ViewResult Register()\n{\nvar model = new RegisterModel();\nString[] array = new String[] { \"FirstName\" };\nTryUpdateModel<RegisterModel>(model, array);\nreturn View(\"detail\", model);\n}\n\n\nModel class configuration: Sensitive fields must have attributes to specify whether they can be bound or not. You can use [BindRequired] or [BindNever] in ASP.NET Core applications on properties or entire classes.\n\nExample 3: The following code uses [BindNever] to signify that class properties should not be bound. Therefore, IsAdmin gets the default value of false:\n\n\n[BindNever]\npublic class Details\n{\npublic bool IsAdmin { get; set; }\n...\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/4bb38331-6b20-4be2-8efd-7bc54d2a9855"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249599",
          "shortDescription" : {
            "text" : "Mass Assignment: Sensitive Field Exposure"
          },
          "fullDescription" : {
            "text" : "A sensitive field defined in Product.cs on line 20 is exposed to the model binder.A sensitive field is exposed to the model binder."
          },
          "help" : {
            "text" : "Modern frameworks allow developers to automatically bind HTTP request parameters from both request query and body into model objects for ease of development and increase of productivity. If the binder is not correctly configured to control which HTTP request parameters are bound to which model attributes, an attacker may be able to abuse the model binding process and set any other attributes that should not be exposed to user control. This binding is possible even if the model attributes do not appear in the web forms or API contracts.\n\nExample 1: The following ASP.NET MVC controller method (Register) is accessed from a web form that asks the users to register an account by providing their name and password:\n\n\npublic ActionResult Register(RegisterModel model)\n{\nif (ModelState.IsValid)\n{\ntry\n{\nreturn RedirectToAction(\"Index\", \"Home\");\n}\ncatch (MembershipCreateUserException e)\n{\nModelState.AddModelError(\"\", \"\");\n}\n}\nreturn View(model);\n}\n\n\nWhere RegisterModel class is defined as:\n\n\npublic class RegisterModel\n{\n[BindRequired]\n[Display(Name = \"User name\")]\npublic string UserName { get; set; }\n\n[BindRequired]\n[DataType(DataType.Password)]\n[Display(Name = \"Password\")]\npublic string Password { get; set; }\n\n[DataType(DataType.Password)]\n[Display(Name = \"Confirm password\")]\npublic string ConfirmPassword { get; set; }\n\npublic Details Details { get; set; }\n\npublic RegisterModel()\n{\nDetails = new Details();\n}\n}\n\n\nand Details class is defined as:\n\n\npublic class Details\n{\npublic bool IsAdmin { get; set; }\n...\n}\n\n\nGiven the scenario in Example 1, an attacker may be able to explore the application and discover that there is a Details attribute in the RegisterModel model. If this is the case, the attacker may then attempt to overwrite the current values assigned to their attributes.\nIf an attacker can find out these internal attributes, and the framework binder is not correctly configured in order to disallow binding of these attributes, then the attacker would be able to register an administrator account by sending the following request:\n\n\nname=John&password=****&details.is_admin=true\n\n\nIn order to avoid mass assignment vulnerabilities it is important to control the HTTP request to model class binding process. There are different alternatives depending on the framework used:\n\nArchitectural: Define dedicated DTO classes to be bound to user data and containing only those attributes that should be exposed to end users. Map their attributes with the Domain Objects used along the application. These Domain Objects will contain attributes to receive the validated user data and extra attributes that should never be exposed to user control.\n\nBinder configuration: Certain model binders allow the developers to accept or reject HTTP request parameters based on their names.\n\nExample 2: \n\n\npublic ViewResult Register()\n{\nvar model = new RegisterModel();\nString[] array = new String[] { \"FirstName\" };\nTryUpdateModel<RegisterModel>(model, array);\nreturn View(\"detail\", model);\n}\n\n\nModel class configuration: Sensitive fields must have attributes to specify whether they can be bound or not. You can use [BindRequired] or [BindNever] in ASP.NET Core applications on properties or entire classes.\n\nExample 3: The following code uses [BindNever] to signify that class properties should not be bound. Therefore, IsAdmin gets the default value of false:\n\n\n[BindNever]\npublic class Details\n{\npublic bool IsAdmin { get; set; }\n...\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/b912b7c2-ce6a-43f1-90fb-200f14d7c907"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249601",
          "shortDescription" : {
            "text" : "Password Management: Hardcoded Password"
          },
          "fullDescription" : {
            "text" : "Hardcoded passwords can compromise system security in a way that is not easy to remedy."
          },
          "help" : {
            "text" : "It is never a good idea to hardcode a password. Not only does hardcoding a password allow all of the project's developers to view the password, it also makes fixing the problem extremely difficult. After the code is in production, the password cannot be changed without patching the software. If the account protected by the password is compromised, the owners of the system must choose between security and availability.\n\nIn this case, the password was used to access a resource at  in AdminUtils.cs on line 12.\n\nExample: The following code uses a hardcoded password to create a network credential:\n\n\n...\nNetworkCredential netCred =\nnew NetworkCredential(\"scott\", \"tiger\", domain);\n...\n\n\nThis code will run successfully, but anyone who has access to it will have access to the password. After the program ships, there is likely no way to change the network credential user \"scott\" with a password of \"tiger\" unless the program is patched. An employee with access to this information can use it to break into the system. If attackers have access to the executable for the application they can disassemble the code, which will contain the values of the passwords used.\n\nPasswords should never be hardcoded and should generally be obfuscated and managed in an external source. Storing passwords in plain text anywhere on the system allows anyone with sufficient permissions to read and potentially misuse the password.\n\nMicrosoft(R) provides a tool that can be used in conjunction with the Windows Data Protection application programming interface (DPAPI) to protect sensitive application entries in configuration files [1].\n\nFor more information, see https://emea.fortify.com//redirect/Issues/e028fbfc-48b4-44be-9597-97c56ceed4b0"
          },
          "properties" : {
            "tags" : [ "Medium" ],
            "precision" : "high",
            "security-severity" : "6.9"
          }
        }, {
          "id" : "24249598",
          "shortDescription" : {
            "text" : "Unreleased Resource: Streams"
          },
          "fullDescription" : {
            "text" : "The function SubscribeNewsletterXML() in SiteController.cs sometimes fails to release a system resource allocated by FileStream() on line 34.The program can potentially fail to release a system resource."
          },
          "help" : {
            "text" : "The program can potentially fail to release a system resource.\n\nResource leaks have at least two common causes:\n\n- Error conditions and other exceptional circumstances.\n\n- Confusion over which part of the program is responsible for releasing the resource.\n\nIn this case, there are program paths on which the resource allocated in SiteController.cs on line 34 is not released.\n\nMost unreleased resource issues result in general software reliability problems. However, if an attacker can intentionally trigger a resource leak, the attacker may be able to launch a denial of service attack by depleting the resource pool.\n\nExample: The following method never closes the file handle it opens. The Finalize() method for StreamReader eventually calls Close(), but there is no guarantee as to how long it will take before the Finalize() method is invoked. In fact, there is no guarantee that Finalize() will ever be invoked. In a busy environment, this can result in the VM using up all of its available file handles.\n\n\nprivate void processFile(string fName) {\nStreamWriter sw = new StreamWriter(fName);\nstring line;\nwhile ((line = sr.ReadLine()) != null)\nprocessLine(line);\n}\n\n\nNever rely on Finalize() to reclaim resources. In order for an object's Finalize() method to be invoked, the garbage collector must determine if the object is eligible for garbage collection. Because the garbage collector is not required to run unless the VM is low on memory, there is no guarantee that an object's Finalize() method will be invoked in an expedient fashion, if it is ever invoked at all (the language does not guarantee that it will be). When the garbage collector finally does run, it can cause a large number of resources to be reclaimed in a short period of time, which can lead to sudden rise in performance and lower overall system throughput. The effect becomes more pronounced as the load on the system increases.\n\nInstead of explicitly closing objects that manage resources, use the C# keyword 'using', which employs the IDisposable interface to perform a cleanup. The following two blocks of code achieve the same result:\n\nThe following code uses the finally keyword:\n\n\nStreamReader sr;\ntry {\nsr = new StreamReader(myFileStream);\ndoWork(sr);\n} finally {\nif (sr != null) {\nsr.Close();\n}\n}\n\n\nThe following code uses the using keyword:\n\n\nusing (StreamReader sr = new StreamReader(myFileStream)) {\ndoWork(sr);\n}\n\n\nFor more information, see https://emea.fortify.com//redirect/Issues/47097b79-afaa-49c6-ba5f-ad9ba911cbb9"
          },
          "properties" : {
            "tags" : [ "High" ],
            "precision" : "low",
            "security-severity" : "8.9"
          }
        }, {
          "id" : "24249602",
          "shortDescription" : {
            "text" : "XML Injection"
          },
          "fullDescription" : {
            "text" : "On line 43 of SiteController.cs, the method SubscribeNewsletterXML() writes unvalidated XML input. This call could allow an attacker to inject arbitrary elements or attributes into the XML document.Writing unvalidated data into an XML document can allow an attacker to change the structure and contents of the XML."
          },
          "help" : {
            "text" : "XML injection occurs when:\n\n1. Data enters a program from an untrusted source.\n\nIn this case, the data enters at SubscribeNewsletterXML() in SiteController.cs on line 29.\n\n\n\n2. The data is written to an XML document.\n\nIn this case, the XML is written by set_InnerXml() in SiteController.cs on line 43.\n\nApplications typically use XML to store data or send messages. When used to store data, XML documents are often treated like databases and can potentially contain sensitive information. XML messages are often used in web services and can also be used to send sensitive information. XML messages can even be used to send authentication credentials.\n\nThe semantics of XML documents and messages can be altered if an attacker has the ability to write raw XML. In the most benign case, an attacker may be able to insert extraneous tags and cause an XML parser to throw an exception. In more nefarious cases of XML injection, an attacker may be able to add XML elements that change authentication credentials or modify prices in an XML e-commerce database. In some cases, XML injection can even lead to cross-site scripting or dynamic code evaluation.\n\nExample 1:\n\nAssume an attacker is able to control shoes in following XML.\n\n<order>\n<price>100.00</price>\n<item>shoes</item>\n</order>\n\n\nNow suppose this XML is included in a back end web service request to place an order for a pair of shoes. Suppose the attacker modifies his request and replaces shoes with shoes</item><price>1.00</price><item>shoes. The new XML would look like:\n\n<order>\n<price>100.00</price>\n<item>shoes</item><price>1.00</price><item>shoes</item>\n</order>\n\n\nWhen using SAX parsers, the value from the second <price> overrides the value from the first <price> tag. This allows the attacker to purchase a pair of $100 shoes for $1.\n\nWhen writing user supplied data to XML, follow these guidelines:\n\n1. Do not create tags or attributes with names that are derived from user input.\n\n2. XML entity encode user input before writing to XML.\n\n3. Wrap user input in CDATA tags.\n\nFor more information, see https://emea.fortify.com//redirect/Issues/7ebfc69d-f4df-4d4b-ab96-c27bc0a09c8c"
          },
          "properties" : {
            "tags" : [ "Critical" ],
            "precision" : "high",
            "security-severity" : "10.0"
          }
        } ]
      }
    },
    "results" : [ {
      "ruleId" : "24249584",
      "message" : {
        "text" : "The model class LoginWithRecoveryCodeModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "2568AA82804ABC40D30996C61EDFE455"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/LoginWithRecoveryCode.cshtml.cs"
          },
          "region" : {
            "startLine" : 27,
            "endLine" : 27,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "LoginWithRecoveryCode.cshtml.cs:27 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/LoginWithRecoveryCode.cshtml.cs"
                },
                "region" : {
                  "startLine" : 27
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "LoginWithRecoveryCode.cshtml.cs:31 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/LoginWithRecoveryCode.cshtml.cs"
                },
                "region" : {
                  "startLine" : 31
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249585",
      "message" : {
        "text" : "The model class LoginWith2faModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "1A08A97FB9450D02C9ACEF3D061E0F2A"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/LoginWith2fa.cshtml.cs"
          },
          "region" : {
            "startLine" : 27,
            "endLine" : 27,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "LoginWith2fa.cshtml.cs:27 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/LoginWith2fa.cshtml.cs"
                },
                "region" : {
                  "startLine" : 27
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "LoginWith2fa.cshtml.cs:33 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/LoginWith2fa.cshtml.cs"
                },
                "region" : {
                  "startLine" : 33
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249586",
      "message" : {
        "text" : "The model class ForgotPasswordModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "292077A4B17887FF2DCC31BFAF994C2D"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/ForgotPassword.cshtml.cs"
          },
          "region" : {
            "startLine" : 29,
            "endLine" : 29,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "ForgotPassword.cshtml.cs:29 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/ForgotPassword.cshtml.cs"
                },
                "region" : {
                  "startLine" : 29
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "ForgotPassword.cshtml.cs:31 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/ForgotPassword.cshtml.cs"
                },
                "region" : {
                  "startLine" : 31
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249589",
      "message" : {
        "text" : "The model class ChangePasswordModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "64BD08F84537262C8990CB8DAFEC0003"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/ChangePassword.cshtml.cs"
          },
          "region" : {
            "startLine" : 29,
            "endLine" : 29,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "ChangePassword.cshtml.cs:29 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/ChangePassword.cshtml.cs"
                },
                "region" : {
                  "startLine" : 29
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "ChangePassword.cshtml.cs:34 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/ChangePassword.cshtml.cs"
                },
                "region" : {
                  "startLine" : 34
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249590",
      "message" : {
        "text" : "The model class EnableAuthenticatorModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "3B282A31151F6CA8CDA20F5CFF0F3626"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/EnableAuthenticator.cshtml.cs"
          },
          "region" : {
            "startLine" : 45,
            "endLine" : 45,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "EnableAuthenticator.cshtml.cs:45 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/EnableAuthenticator.cshtml.cs"
                },
                "region" : {
                  "startLine" : 45
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "EnableAuthenticator.cshtml.cs:47 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/EnableAuthenticator.cshtml.cs"
                },
                "region" : {
                  "startLine" : 47
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249591",
      "message" : {
        "text" : "The model class RegisterModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "A3C36A489746148B66F81EE8155A8594"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/Register.cshtml.cs"
          },
          "region" : {
            "startLine" : 40,
            "endLine" : 40,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "Register.cshtml.cs:40 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/Register.cshtml.cs"
                },
                "region" : {
                  "startLine" : 40
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "Register.cshtml.cs:46 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/Register.cshtml.cs"
                },
                "region" : {
                  "startLine" : 46
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249592",
      "message" : {
        "text" : "The model class EmailModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "A826C1536A4ED66A6C5B85C470803BA9"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/Email.cshtml.cs"
          },
          "region" : {
            "startLine" : 42,
            "endLine" : 42,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "Email.cshtml.cs:42 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/Email.cshtml.cs"
                },
                "region" : {
                  "startLine" : 42
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "Email.cshtml.cs:44 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/Email.cshtml.cs"
                },
                "region" : {
                  "startLine" : 44
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249593",
      "message" : {
        "text" : "The model class ResetPasswordModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "A6F9DDFE87E5B40D5DC6D9095B1E8DC4"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/ResetPassword.cshtml.cs"
          },
          "region" : {
            "startLine" : 26,
            "endLine" : 26,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "ResetPassword.cshtml.cs:26 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/ResetPassword.cshtml.cs"
                },
                "region" : {
                  "startLine" : 26
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "ResetPassword.cshtml.cs:28 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/ResetPassword.cshtml.cs"
                },
                "region" : {
                  "startLine" : 28
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249594",
      "message" : {
        "text" : "The model class SetPasswordModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "C4760FDC9F2D437FADDF4C1F2B12BFF0"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/SetPassword.cshtml.cs"
          },
          "region" : {
            "startLine" : 26,
            "endLine" : 26,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "SetPassword.cshtml.cs:26 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/SetPassword.cshtml.cs"
                },
                "region" : {
                  "startLine" : 26
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SetPassword.cshtml.cs:31 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/SetPassword.cshtml.cs"
                },
                "region" : {
                  "startLine" : 31
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249595",
      "message" : {
        "text" : "The model class DeletePersonalDataModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "BF97D3389A65CE90D541E309BAD9AB38"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/DeletePersonalData.cshtml.cs"
          },
          "region" : {
            "startLine" : 28,
            "endLine" : 28,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "DeletePersonalData.cshtml.cs:28 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/DeletePersonalData.cshtml.cs"
                },
                "region" : {
                  "startLine" : 28
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "DeletePersonalData.cshtml.cs:30 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-940665372/DeletePersonalData.cshtml.cs"
                },
                "region" : {
                  "startLine" : 30
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249597",
      "message" : {
        "text" : "The model class ExternalLoginModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "D6C003E7E860163A0F854F62042E6CB2"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/ExternalLogin.cshtml.cs"
          },
          "region" : {
            "startLine" : 40,
            "endLine" : 40,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "ExternalLogin.cshtml.cs:40 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/ExternalLogin.cshtml.cs"
                },
                "region" : {
                  "startLine" : 40
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "ExternalLogin.cshtml.cs:49 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/ExternalLogin.cshtml.cs"
                },
                "region" : {
                  "startLine" : 49
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249600",
      "message" : {
        "text" : "The model class LoginModel has a required property of which the type is an optional member of a parent model type and therefore may be susceptible to under-posting attacks.The model class has a required property and is the type of an optional member of a parent model type and therefore may be susceptible to under-posting attacks."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "F55F527BF5EA818557756BA9F3AACC6D"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/Login.cshtml.cs"
          },
          "region" : {
            "startLine" : 34,
            "endLine" : 34,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "Login.cshtml.cs:34 - Function: set_Input"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/Login.cshtml.cs"
                },
                "region" : {
                  "startLine" : 34
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "Login.cshtml.cs:43 - Class: InputModel"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Libs/dotnet/-401932451/Login.cshtml.cs"
                },
                "region" : {
                  "startLine" : 43
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249603",
      "message" : {
        "text" : "On line 74 of SiteController.cs, the method SubscribeNewsletterJSON() writes unvalidated input into JSON. This call could allow an attacker to inject arbitrary elements or attributes into the JSON entity.The method writes unvalidated input into JSON. This call could allow an attacker to inject arbitrary elements or attributes into the JSON entity."
      },
      "level" : "note",
      "partialFingerprints" : {
        "issueInstanceId" : "456DB2CFE5D213A4899F06A5D0FF56FD"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
          },
          "region" : {
            "startLine" : 74,
            "endLine" : 74,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:53 - SubscribeNewsletterJSON(1)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 53
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:74 - Concat(1 : return)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 74
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:74 - Concat(0 : return)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 74
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:74 - WriteRawValue(0)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 74
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249604",
      "message" : {
        "text" : "On line 71 of SiteController.cs, the method SubscribeNewsletterJSON() writes unvalidated input into JSON. This call could allow an attacker to inject arbitrary elements or attributes into the JSON entity.The method writes unvalidated input into JSON. This call could allow an attacker to inject arbitrary elements or attributes into the JSON entity."
      },
      "level" : "note",
      "partialFingerprints" : {
        "issueInstanceId" : "CDB692D69F307D50A6C2D8683C039EA6"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
          },
          "region" : {
            "startLine" : 71,
            "endLine" : 71,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:53 - SubscribeNewsletterJSON(0)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 53
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:71 - Concat(1 : return)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 71
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:71 - Concat(0 : return)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 71
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:71 - WriteRawValue(0)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 71
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249587",
      "message" : {
        "text" : "The framework binder used for binding the HTTP request parameters to the model class in  on line 106 has not been explicitly configured to allow, or disallow, certain attributes.The framework binder used for binding the HTTP request parameters to the model class has not been explicitly configured to allow, or disallow, certain attributes."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "002ED8512C0306C0728E09525FC1EE9F"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/ProductController.cs"
          },
          "region" : {
            "startLine" : 106,
            "endLine" : 106,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "ProductController.cs:106 - Variable: Product"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/ProductController.cs"
                },
                "region" : {
                  "startLine" : 106
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "Product.cs:10 - Class: Product"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Models/Product.cs"
                },
                "region" : {
                  "startLine" : 10
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249596",
      "message" : {
        "text" : "The framework binder used for binding the HTTP request parameters to the model class in  on line 72 has not been explicitly configured to allow, or disallow, certain attributes.The framework binder used for binding the HTTP request parameters to the model class has not been explicitly configured to allow, or disallow, certain attributes."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "CE34A2999649C15ECB25E396F4A2BE87"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/ProductController.cs"
          },
          "region" : {
            "startLine" : 72,
            "endLine" : 72,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "ProductController.cs:72 - Variable: Product"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/ProductController.cs"
                },
                "region" : {
                  "startLine" : 72
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "Product.cs:10 - Class: Product"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Models/Product.cs"
                },
                "region" : {
                  "startLine" : 10
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249588",
      "message" : {
        "text" : "A sensitive field defined in Product.cs on line 27 is exposed to the model binder.A sensitive field is exposed to the model binder."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "36929FD0E6AD84CB7D1A95875B2D6378"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Models/Product.cs"
          },
          "region" : {
            "startLine" : 27,
            "endLine" : 27,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "Product.cs:27 - Field: SalePrice"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Models/Product.cs"
                },
                "region" : {
                  "startLine" : 27
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249599",
      "message" : {
        "text" : "A sensitive field defined in Product.cs on line 20 is exposed to the model binder.A sensitive field is exposed to the model binder."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "EAC40B15DDDB10CE9EB81C3BD55A0106"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Models/Product.cs"
          },
          "region" : {
            "startLine" : 20,
            "endLine" : 20,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "Product.cs:20 - Field: Price"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Models/Product.cs"
                },
                "region" : {
                  "startLine" : 20
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249601",
      "message" : {
        "text" : "Hardcoded passwords can compromise system security in a way that is not easy to remedy."
      },
      "level" : "note",
      "partialFingerprints" : {
        "issueInstanceId" : "FB4A9F7FC250AED5CF3C4FF732906C26"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Utils/AdminUtils.cs"
          },
          "region" : {
            "startLine" : 12,
            "endLine" : 12,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "AdminUtils.cs:12 - Field: DEFAULT_ADMIN_PASSWORD"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Utils/AdminUtils.cs"
                },
                "region" : {
                  "startLine" : 12
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249598",
      "message" : {
        "text" : "The function SubscribeNewsletterXML() in SiteController.cs sometimes fails to release a system resource allocated by FileStream() on line 34.The program can potentially fail to release a system resource."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "1D1520D79956F670A52D98DEFE06A781"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
          },
          "region" : {
            "startLine" : 34,
            "endLine" : 34,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:34 - fileStream = new FileStream(...)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 34
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:34 - fileStream refers to an allocated resource"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 34
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:48 - fileStream no longer refers to an allocated resource"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 48
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:48 - fileStream end scope : Resource leaked"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 48
                }
              }
            }
          } ]
        } ]
      } ]
    }, {
      "ruleId" : "24249602",
      "message" : {
        "text" : "On line 43 of SiteController.cs, the method SubscribeNewsletterXML() writes unvalidated XML input. This call could allow an attacker to inject arbitrary elements or attributes into the XML document.Writing unvalidated data into an XML document can allow an attacker to change the structure and contents of the XML."
      },
      "level" : "warning",
      "partialFingerprints" : {
        "issueInstanceId" : "567F7925C4177C0CC73966283E232529"
      },
      "locations" : [ {
        "physicalLocation" : {
          "artifactLocation" : {
            "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
          },
          "region" : {
            "startLine" : 43,
            "endLine" : 43,
            "startColumn" : 1,
            "endColumn" : 80
          }
        }
      } ],
      "codeFlows" : [ {
        "threadFlows" : [ {
          "locations" : [ {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:29 - SubscribeNewsletterXML(1)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 29
                }
              }
            }
          }, {
            "location" : {
              "message" : {
                "text" : "SiteController.cs:43 - set_InnerXml(0)"
              },
              "physicalLocation" : {
                "artifactLocation" : {
                  "uri" : "scancentral5129820964484634250/proj/work/Src/InsecureWebApp/Controllers/SiteController.cs"
                },
                "region" : {
                  "startLine" : 43
                }
              }
            }
          } ]
        } ]
      } ]
    } ]
  } ]
}