...
This noncompliant code example logs the user's login name when an invalid request is received. The login name is untrusted data from an unauthenticated user, and no input sanitization is performed before it is written to the log.
```java
if (loginSuccessful) {
  logger.severe("User login succeeded for: " + username);
} else {
  logger.severe("User login failed for: " + username);
}
```
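For contrast, the same logging with the login name neutralized first. This is an added example, not code from the original page. The names `sanitizeForLog`, `logLoginResult` and `MAX_LOGGED_CODE_POINTS`, the 64-code-point limit and the use of `java.util.logging` are assumptions made for illustration.

```java
import java.util.logging.Logger;

public class LoginLogging {
    private static final Logger logger = Logger.getLogger(LoginLogging.class.getName());
    private static final int MAX_LOGGED_CODE_POINTS = 64; // assumed limit, not from the page

    // Hypothetical helper: renders an untrusted value so it stays on one log line.
    static String sanitizeForLog(String value) {
        if (value == null) {
            return "(null)";
        }
        StringBuilder sb = new StringBuilder();
        value.codePoints().limit(MAX_LOGGED_CODE_POINTS).forEach(cp -> {
            if (cp == '\\') {
                sb.append("\\\\"); // escape the escape character so the output is unambiguous
            } else if (Character.isISOControl(cp) || cp == 0x2028 || cp == 0x2029) {
                sb.append(String.format("\\u%04x", cp)); // CR, LF, other controls, line separators
            } else {
                sb.appendCodePoint(cp);
            }
        });
        if (value.codePointCount(0, value.length()) > MAX_LOGGED_CODE_POINTS) {
            sb.append("[truncated]"); // make the cut visible to whoever reads the log
        }
        return sb.toString();
    }

    // Same branches as the noncompliant example, but only the sanitized name is logged.
    static void logLoginResult(boolean loginSuccessful, String username) {
        String safeName = sanitizeForLog(username);
        if (loginSuccessful) {
            logger.severe("User login succeeded for: " + safeName);
        } else {
            logger.severe("User login failed for: " + safeName);
        }
    }

    public static void main(String[] args) {
        // Constructed input: a login name containing an embedded CR/LF pair.
        logLoginResult(false, "guest\r\nsecond line");
        logLoginResult(true, "alice");
    }
}
```

Escaping rather than deleting control characters keeps the record on a single line while leaving evidence in the log that the submitted name contained them.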
...