csharp
Insecure or unset HTTP headers - Content-Security-Policy - C-Sharp
Need Implementation of secure and properly configured Content-Security-Policy headers Context Usage of C# 7.0 for modern language features and enhancements Usage of Microsoft.AspNetCore.Builder for configuring the ASP.NET Core application pipeline ...
Insecurely generated cookies - C-Sharp
Need Secure generation and handling of cookies Context Usage of C# for developing robust and efficient software applications Usage of Microsoft.AspNetCore.Builder for configuring and building ASP.NET Core applications Usage of ...
Enabled default credentials - C-Sharp
Need Enforcement of strong and unique credentials Context Usage of C# for building robust and scalable applications Usage of Microsoft.Extensions.DependencyInjection for dependency injection in .NET applications Usage of Microsoft.EntityFrameworkCore ...
Exposed web services - C-Sharp
Need Protection of sensitive information in WSDL files from unauthorized access Context Usage of C# for building robust and scalable applications Usage of System for system-level operations and interactions Usage of System.ServiceModel for building ...
Improper authorization control for web services - C-Sharp
Need Implementation of proper authorization control for web services Context Usage of C# for building robust and scalable applications Usage of System for low-level operating system interactions Usage of Microsoft.AspNetCore.Mvc for building web ...
Business information leak - C-Sharp
Need Protection of sensitive business information from unauthorized access or leakage Context Usage of C# for developing robust and efficient applications Usage of the System library for accessing and manipulating system-level functionality Usage of ...
Insecure generation of random numbers - C-Sharp
Need Secure generation of random numbers Context Usage of C# for developing robust and efficient software applications Usage of System for accessing and manipulating system-level functionality Description Non compliant code public class ...
Password change without identity check - C-Sharp
Need Enforce strong identity verification for password changes Context Usage of C# 7.1 for developing applications with advanced language features and improvements Usage of _userManager for user management and authentication Usage of ...
Sensitive information sent via URL parameters - C-Sharp
Need Protection of sensitive information during transmission Context Usage of C# for developing robust and efficient software applications Usage of _context for managing state and data in a specific context Usage of IActionResult for handling and ...
Inadequate file size control - C-Sharp
Need Implementation of file size restrictions and validation Context Usage of C# 7.1 for developing applications with advanced language features and improvements Usage of Microsoft.AspNetCore.Mvc for building web applications with ASP.NET Core MVC ...
Insecure temporary files - C-Sharp
Need Secure handling of temporary files Context Usage of C# for developing robust and scalable applications Usage of System.IO for input and output operations in .NET development Description Non compliant code public void CreateTempFile(string ...
Insecure file upload - C-Sharp
Need Secure file upload and validation process Context Usage of C# 7.1 for developing applications with advanced language features and improvements Usage of Microsoft.AspNetCore.Mvc for building web applications with ASP.NET Core Usage of ...
User enumeration - C-Sharp
Need Prevention of user enumeration Context Usage of C# for building robust and scalable applications Usage of _userManager for managing user authentication and authorization Usage of _signInManager for managing user sign-in functionality Description ...
Uncontrolled external site redirect - Host Header Injection - C-Sharp
Need Prevention of unauthorized external site redirects Context Usage of C# for building robust and scalable applications Usage of Microsoft.AspNetCore.Mvc for building web applications with ASP.NET Core Usage of Microsoft.AspNetCore.Http for ...
XPath injection - C-Sharp
Need Implementation of input validation and sanitization for XPath statements Context Usage of C# for building robust and scalable applications Usage of Microsoft.AspNetCore.Mvc for building web applications using the MVC pattern Usage of System.Xml ...
Non-encrypted confidential information - C-Sharp
Need Secure storage of confidential information Context Usage of C# 7.0 for modern language features and enhancements Usage of Microsoft.AspNetCore.Mvc for building web applications using the ASP.NET Core MVC framework Usage of ...
Sensitive information sent insecurely - C-Sharp
Need Secure transmission of sensitive information Context Usage of C# 7.0 for modern and efficient software development Usage of Microsoft.AspNetCore.Mvc for building web applications with ASP.NET Core Description Non compliant code public class ...
Insecure authentication method - Basic - C-Sharp
Need Secure authentication method Context Usage of C# 8.0 for modern and efficient programming in the .NET ecosystem Usage of Microsoft.AspNetCore.Authentication for implementing authentication in ASP.NET Core applications Usage of ...
Insecure functionality - C-Sharp
Need Secure functionality to prevent exploitation by attackers Context Usage of C# for building robust and scalable applications Usage of System for accessing and manipulating system-level functionalities Usage of System.IO for Input/Output ...
Insecure object reference - C-Sharp
Need Secure and granular access control mechanisms Context Usage of C# for building robust and scalable applications Usage of _context for managing state and data in a specific context Usage of NotFound for handling 404 errors in a web application ...
Stored cross-site scripting (XSS) - C-Sharp
Need Prevention of persistent cross-site scripting (XSS) attacks Context Usage of C# for building robust and scalable applications Usage of System for low-level operating system interactions and utilities Usage of Microsoft.AspNetCore.Mvc for ...
Reflected cross-site scripting (XSS) - C-Sharp
Need Implementation of input validation and output encoding to prevent XSS attacks. Context Usage of C# for developing robust and efficient applications Usage of Microsoft.AspNetCore.Mvc for building web applications with ASP.NET Core Usage of the ...
Cross-site request forgery - C-Sharp
Need Protection against cross-site request forgery attacks Context Usage of C# for building robust and scalable applications Usage of _userManager for user management and authentication Usage of UserModel for managing user data and operations Usage ...
Authentication mechanism absence or evasion - C-Sharp
Need Implementation of a robust and secure authentication mechanism Context Usage of C# for developing robust and scalable applications Usage of the System library for low-level operating system interactions Usage of Microsoft.AspNetCore.Mvc for ...
Privilege escalation - C-Sharp
Need Enhancement of role-based access control to prevent unauthorized privilege escalation Context Usage of C# 7.0 for modern language features and enhancements Usage of Microsoft.AspNetCore.Mvc for building web applications with ASP.NET Core Usage ...
Remote command execution - C-Sharp
Need Prevention of unauthorized remote command execution Context Usage of C# 7.0 for modern language features and enhancements Usage of Microsoft.AspNetCore.Mvc for building web applications with ASP.NET Core Usage of System.Diagnostics for logging ...
SQL injection - C Sharp SQL API - C-Sharp
Need Implementation of proper input validation and the use of parameterized statements or stored procedures to prevent SQL injection attacks. Context Usage of C# 7.1 for developing applications with advanced language features and improvements Usage ...
Symmetric denial of service - C-Sharp
Need Prevention of repeated request overload causing server unresponsiveness Context Usage of C# 7.1 for advanced language features and improvements Usage of Microsoft.AspNetCore.Mvc for building web applications using the ASP.NET Core MVC framework ...