...
| Tool | Version | Checker | Description | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Parasoft Jtest | 9.5 | SECURITY.WSC.ACPST, SERVLET.CETS, SECURITY.ESD.ACW | Implemented | ||||||
| SonarQube Java Plugin |
| S1989 | Partially Implemented |
Related Vulnerabilities
CVE-2009-2897 describes several cross-site scripting (XSS) vulnerabilities in several versions of SpringSource Hyperic HQ. These vulnerabilities allow remote attackers to inject arbitrary web script or HTML via invalid values for numerical parameters. They are demonstrated by an uncaught java.lang.NumberFormatException exception resulting from entering several invalid numeric parameters to the web interface.
...