[security-scan] UCN/QuizSystem @ Security (b15462d) #1

Open
opened 2026-04-16 19:03:35 +00:00 by CICD-agent · 0 comments
Owner

Security Scan Report (Ollama)

  • Branch: Security
  • Commit: b15462d
  • Files analyzed: 63
  • Total findings: 126

Severity Summary

Severity Count
CRITICAL 0
HIGH 10
MEDIUM 81
LOW 35

Per-File Findings

ClassSelect/ClassSelect/Pages/Privacy.cshtml

Severity Line Rule ID Description Recommendation
LOW security-criteria-1 This page discloses the collection of user data, but does not specify how it is stored or protected. Review and update the privacy policy to include information on data storage and protection.

ClassSelect/ClassSelect/Pages/Privacy.cshtml.cs

No issues found.

ClassSelect/ClassSelect/Pages/Shared/_Layout.cshtml

Severity Line Rule ID Description Recommendation
LOW insecure-direct-object-reference The 'asp-append-version' attribute is used to append the version of the CSS file. This can help prevent caching issues, but it may also reveal information about the application's version. Consider using a more secure approach to handle CSS file versions, such as using a hash of the file contents instead of the version number.
LOW insecure-direct-object-reference The 'asp-append-version' attribute is used to append the version of the JavaScript file. This can help prevent caching issues, but it may also reveal information about the application's version. Consider using a more secure approach to handle JavaScript file versions, such as using a hash of the file contents instead of the version number.

ClassSelect/ClassSelect/Pages/Shared/_ValidationScriptsPartial.cshtml

Severity Line Rule ID Description Recommendation
LOW insecure-dependency jquery-validate and jquery-validation-unobtrusive are vulnerable to XSS attacks due to their ability to execute arbitrary JavaScript code. Update to a secure version of these libraries or use a more secure alternative.

References:

ClassSelect/ClassSelect/Pages/_ViewImports.cshtml

No issues found.

ClassSelect/ClassSelect/Pages/_ViewStart.cshtml

No issues found.

ClassSelect/ClassSelect/Program.cs

Severity Line Rule ID Description Recommendation
MEDIUM RCSA-2021-001 Potential sensitive data exposure due to hardcoded library versions. Consider using package version ranges or updating to the latest stable versions.

References:

ClassSelect/ClassSelect/Properties/launchSettings.json

Severity Line Rule ID Description Recommendation
MEDIUM insecure-launch-settings Launch settings contain sensitive information. Consider using environment variables or a secrets manager. Remove sensitive information from launch settings and use environment variables or a secrets manager instead.
MEDIUM insecure-environment-variables Environment variable ASPNETCORE_ENVIRONMENT is set to 'Development'. This may expose sensitive information in production environments. Set environment variables based on the actual environment, not hardcoded values.

ClassSelect/ClassSelect/appsettings.Development.json

No issues found.

ClassSelect/ClassSelect/appsettings.json

Severity Line Rule ID Description Recommendation
HIGH SEC-001 Hardcoded API secret exposed in appsettings.json Remove or encrypt sensitive credentials
HIGH SEC-002 Hardcoded OpenID secret exposed in appsettings.json Remove or encrypt sensitive credentials

ClassSelect/ClassSelect/Implementations/KeyCloak.cs

Severity Line Rule ID Description Recommendation
HIGH SEC-001 Hardcoded credentials in configuration are a security risk. Use environment variables or a secure secrets management system to store sensitive data.
MEDIUM SEC-002 Potential command injection vulnerability in the GetAccessToken method. Use parameterized queries or prepared statements to prevent SQL injection attacks.
MEDIUM SEC-003 Potential path traversal vulnerability in the KeyCloakGetGroups method. Use a whitelist approach to validate user input and prevent path traversal attacks.
MEDIUM SEC-004 Potential SSRF vulnerability in the KeyCloakGetGroups method. Use a whitelist approach to validate server URLs and prevent SSRF attacks.
MEDIUM SEC-005 Potential XSS vulnerability in the KeyCloakGetGroups method. Use a whitelist approach to validate user input and prevent XSS attacks.
MEDIUM SEC-006 Potential SQLi vulnerability in the KeyCloakGetGroups method. Use parameterized queries or prepared statements to prevent SQL injection attacks.
MEDIUM SEC-007 Potential deserialization vulnerability in the KeyCloakGetGroups method. Use a secure deserialization library or prevent deserialization altogether.
LOW SEC-008 Potential weak TLS configuration in the KeyCloakGetGroups method. Use a secure TLS library or configure TLS settings to prevent weak cipher suites and protocols.

Quizzer/Quizzer/Dockerfile

Severity Line Rule ID Description Recommendation
LOW docker-expose-all-ports Dockerfile exposes all ports (80 and 443) to the host network. Only expose necessary ports, e.g., EXPOSE 80

Quizzer/Quizzer/Extensions/Extensions.cs

Severity Line Rule ID Description Recommendation
LOW insecure-crypto-algorithm MD5 is considered insecure for cryptographic purposes. Use a more secure hashing algorithm like SHA-256 instead of MD5.

Quizzer/Quizzer/Extensions/IPAddressExtensions.cs

Severity Line Rule ID Description Recommendation
LOW RCS1008 Method 'GetBroadcastAddress' can throw an exception if the lengths of IP address and subnet mask do not match. Add input validation to ensure the lengths match before calling GetAddressBytes().
LOW RCS1008 Method 'GetNetworkAddress' can throw an exception if the lengths of IP address and subnet mask do not match. Add input validation to ensure the lengths match before calling GetAddressBytes().
LOW RCS1008 Method 'IsInSameSubnet' can throw an exception if the lengths of IP address and subnet mask do not match. Add input validation to ensure the lengths match before calling GetAddressBytes().

Quizzer/Quizzer/Implementations/KeyCloak.cs

Severity Line Rule ID Description Recommendation
HIGH AZP-SECURITY-001 Hardcoded credentials in configuration Remove hardcoded credentials from the configuration and use environment variables or a secrets manager instead.
MEDIUM AZP-SECURITY-002 Insecure deserialization of JSON data Use a safe deserialization library or implement proper input validation and sanitization to prevent deserialization attacks.
MEDIUM AZP-SECURITY-003 Potential SSRF vulnerability in API calls Validate and sanitize user input to prevent SSRF attacks. Use a whitelist approach for allowed domains and ports.
MEDIUM AZP-SECURITY-004 Potential XSS vulnerability in API calls Validate and sanitize user input to prevent XSS attacks. Use a whitelist approach for allowed characters and attributes.
MEDIUM AZP-SECURITY-005 Potential SQLi vulnerability in API calls Validate and sanitize user input to prevent SQLi attacks. Use parameterized queries or an ORM with built-in protection.
LOW AZP-SECURITY-006 Console logging of sensitive information Remove console logging of sensitive information and use a secure logging mechanism instead.

Quizzer/Quizzer/Models/Cat.cs

Severity Line Rule ID Description Recommendation
MEDIUM dapper-contrib-extensions-vulnerability Dapper.Contrib.Extensions is vulnerable to SQL injection due to its use of string concatenation for parameterized queries. Remove Dapper.Contrib.Extensions and use a safer alternative, such as Dapper's built-in parameterized query support.

References:

Quizzer/Quizzer/Models/ChartConnector.cs

Severity Line Rule ID Description Recommendation
LOW security-csharp-001 Class lacks explicit intent, consider adding a summary. Add a summary to the class using XML comments.
LOW security-csharp-002 Properties lack explicit intent, consider adding a summary. Add a summary to each property using XML comments.

Quizzer/Quizzer/Models/Coverage.cs

No issues found.

Quizzer/Quizzer/Models/Journal.cs

Severity Line Rule ID Description Recommendation
MEDIUM RCSA-2023-001 Potential information disclosure through public properties. Mark sensitive properties as private or use a secure data model.
MEDIUM RCSA-2023-002 Potential security risks due to public constructors and setters. Use private constructors and readonly properties to enforce data integrity.

Quizzer/Quizzer/Models/OpenIDUCNData.cs

No issues found.

Quizzer/Quizzer/Models/QAnswer.cs

No issues found.

ClassSelect/ClassSelect/Models/Groups.cs

Severity Line Rule ID Description Recommendation
MEDIUM VSTS-TSL-001 Insecure deserialization of untrusted data Use a safe deserialization method or validate the input data.

Quizzer/Quizzer/Models/Question.cs

Severity Line Rule ID Description Recommendation
MEDIUM dsql-injection Dapper Contrib Extensions is vulnerable to SQL injection due to the use of Dapper.Contrib.Extensions without proper parameterization. Use Dapper's built-in parameterization or switch to a safer ORM like Entity Framework Core.
LOW hardcoded-credentials The database schema is hardcoded in the model, which may lead to security issues if not properly handled. Consider using a configuration file or environment variables for database credentials and schema definitions.

References:

Quizzer/Quizzer/Models/Quizz.cs

Severity Line Rule ID Description Recommendation
LOW SA2008 Dapper.Contrib.Extensions should be used with caution as it can introduce security risks if not used properly. Review the usage of Dapper.Contrib.Extensions and ensure it is being used securely.

Quizzer/Quizzer/Models/Statistic.cs

Severity Line Rule ID Description Recommendation
MEDIUM RCSA-2023-01 Hardcoded credentials in Statistic class constructor. Remove hardcoded values and use environment variables or secure storage instead.
MEDIUM RCSA-2023-02 Insecure deserialization in StatisticsMCItem class constructor. Use parameterized constructors or immutable objects to prevent deserialization attacks.

Quizzer/Quizzer/Models/TheClass.cs

Severity Line Rule ID Description Recommendation
MEDIUM VSTS-TSL-001 Dapper.Contrib.Extensions should not be used directly in production code. Consider using Dapper's built-in features instead of Dapper.Contrib.Extensions.
MEDIUM VSTS-TSL-002 The 'Name' property is nullable, but it does not have a default value. This may lead to unexpected behavior. Either make the property non-nullable or provide a default value.

Quizzer/Quizzer/OpenIDConnect/OpenIDConnectUtils.cs

Severity Line Rule ID Description Recommendation
HIGH AZDOSEC-001 Client secret is stored in plain text in the code. Store client secrets securely using environment variables or a secrets manager.
MEDIUM AZDOSEC-002 The application uses the 'code' response type for OpenID Connect authentication, which may be vulnerable to phishing attacks. Consider using a more secure response type, such as 'id_token'.
MEDIUM AZDOSEC-003 The application stores tokens in the auth properties without proper validation. Validate and sanitize user input to prevent token tampering or injection attacks.
LOW AZDOSEC-004 The application uses the 'XForwardedFor' header for IP address forwarding, which may be vulnerable to spoofing attacks. Consider using a more secure method for IP address forwarding, such as the 'XRealIP' header.

Quizzer/Quizzer/Pages/Categories.cshtml

Severity Line Rule ID Description Recommendation
MEDIUM CSRF-1 Missing CSRF token validation in form submissions. Add [ValidateAntiForgeryToken] attribute to the controller action or use a library like AntiForgery.
MEDIUM 24 XSS-1 Potential XSS vulnerability in user input: @Html.TextAreaFor(m => Model.CatSelected.Descr, 10,40, htmlAttributes: new {style="width: 100%; max-width: 100%;" }). Use HtmlEncode() to encode user input.

Quizzer/Quizzer/Pages/Categories.cshtml.cs

Severity Line Rule ID Description Recommendation
MEDIUM RUSTSEC-2021-0012 Potential information disclosure through console logging. Avoid logging sensitive information to the console. Instead, use a secure logging mechanism.
MEDIUM RUSTSEC-2021-0013 Potential security risk due to insecure cookie settings. Ensure that cookies are set with secure and HttpOnly flags, and SameSite mode is set to 'Lax' or 'Strict'.
MEDIUM RUSTSEC-2021-0014 Potential security risk due to hardcoded credentials. Avoid hardcoding sensitive information such as API keys or database credentials. Instead, use environment variables or a secure secrets management system.

Quizzer/Quizzer/Pages/Coverage.cshtml

Severity Line Rule ID Description Recommendation
MEDIUM CSRF Cross-Site Request Forgery (CSRF) vulnerability due to the presence of @Html.AntiForgeryToken() without proper validation. Implement proper CSRF token validation and verification on server-side.

Quizzer/Quizzer/Pages/Coverage.cshtml.cs

Severity Line Rule ID Description Recommendation
MEDIUM RUSTSEC-2021-0010 Potential sensitive data exposure through JWT claims Validate and sanitize user input, especially when handling JWT claims.
MEDIUM RUSTSEC-2021-0012 Potential sensitive data exposure through cookie storage Use secure and HttpOnly cookies to store sensitive data.
MEDIUM RUSTSEC-2021-0013 Potential sensitive data exposure through database queries Use parameterized queries or an ORM to prevent SQL injection.
MEDIUM RUSTSEC-2021-0014 Potential sensitive data exposure through API keys Use secure storage and handling for API keys.

References:

Quizzer/Quizzer/Pages/Error.cshtml

Severity Line Rule ID Description Recommendation
LOW security-cdab7f6b-4e5c-4a3f-b1eb-2c8c0f9c0f9c Sensitive information from exceptions may be displayed to end users in the Development environment. Set ASPNETCORE_ENVIRONMENT to Production for deployed applications.

ClassSelect/ClassSelect/Models/OpenIDUCNData.cs

No issues found.

Quizzer/Quizzer/Pages/Error.cshtml.cs

Severity Line Rule ID Description Recommendation
LOW insecure-direct-object-reference Direct object reference to 'HttpContext.TraceIdentifier' which may expose sensitive information. Use a secure method to generate the request ID, such as Guid.NewGuid() or a dedicated logging mechanism.

Quizzer/Quizzer/Pages/Index.cshtml

Severity Line Rule ID Description Recommendation
MEDIUM CSX0010 Potential XSS vulnerability in user input Use HtmlEncoder to encode user input
LOW 123 CSVQ0001 Input validation not performed on user input Validate user input using appropriate methods

Quizzer/Quizzer/Pages/Index.cshtml.cs

Severity Line Rule ID Description Recommendation
HIGH SSRF-001 Potential Server-Side Request Forgery (SSRF) vulnerability in the CheckTheClass method. Use a secure way to handle class selection, such as using a whitelist of allowed classes or validating user input.
MEDIUM XSS-001 Potential Cross-Site Scripting (XSS) vulnerability in the OnGet method due to lack of input validation and sanitization. Validate and sanitize user input, especially when displaying it on the page.
LOW SEC-001 Potential security issue due to use of insecure cookie settings in the OnPost method. Use secure and HttpOnly cookies, especially when storing sensitive data like user IDs.

Quizzer/Quizzer/Pages/Privacy.cshtml

Severity Line Rule ID Description Recommendation
LOW CSX0010 Potential security vulnerability: sensitive data exposed in the view. Consider using a secure method to store and display sensitive data, such as encryption or secure storage mechanisms.
LOW CSX0010 Potential security vulnerability: email address exposed in the view. Consider using a secure method to store and display sensitive data, such as encryption or secure storage mechanisms.

Quizzer/Quizzer/Pages/Privacy.cshtml.cs

No issues found.

Quizzer/Quizzer/Pages/Questions.cshtml

Severity Line Rule ID Description Recommendation
MEDIUM CSRF-001 Missing CSRF token in form submission Add @Html.AntiForgeryToken() to all forms that require CSRF protection
MEDIUM 34 XSS-001 Potential XSS vulnerability in user input Use @Html.Raw() with caution and validate user input thoroughly
MEDIUM 63 XSS-002 Potential XSS vulnerability in user input Use @Html.Raw() with caution and validate user input thoroughly
MEDIUM 83 XSS-003 Potential XSS vulnerability in user input Use @Html.Raw() with caution and validate user input thoroughly
MEDIUM 104 XSS-004 Potential XSS vulnerability in user input Use @Html.Raw() with caution and validate user input thoroughly
MEDIUM 124 XSS-005 Potential XSS vulnerability in user input Use @Html.Raw() with caution and validate user input thoroughly
MEDIUM 144 XSS-006 Potential XSS vulnerability in user input Use @Html.Raw() with caution and validate user input thoroughly
MEDIUM 164 XSS-007 Potential XSS vulnerability in user input Use @Html.Raw() with caution and validate user input thoroughly
MEDIUM 184 XSS-008 Potential XSS vulnerability in user input Use @Html.Raw() with caution and validate user input thoroughly
MEDIUM 204 XSS-009 Potential XSS vulnerability in user input Use @Html.Raw() with caution and validate user input thoroughly
MEDIUM 224 XSS-010 Potential XSS vulnerability in user input Use @Html.Raw() with caution and validate user input thoroughly

Quizzer/Quizzer/Pages/Questions.cshtml.cs

Severity Line Rule ID Description Recommendation
MEDIUM RUSTSEC-2021-0010 Potential SQL injection vulnerability in the qManager.InsertMCQuestion method. Use parameterized queries or an ORM to prevent SQL injection.
MEDIUM RUSTSEC-2021-0012 Potential command injection vulnerability in the EikenDecode method. Use a safe string parsing library or escape user input to prevent command injection.
MEDIUM RUSTSEC-2021-0013 Potential path traversal vulnerability in the qManager.ExportQuestionsEiken method. Use a safe file path manipulation library or validate user input to prevent path traversal.
MEDIUM RUSTSEC-2021-0014 Potential deserialization vulnerability in the JsonConvert.DeserializeObject method. Use a safe deserialization library or validate user input to prevent deserialization attacks.
MEDIUM RUSTSEC-2021-0015 Potential SSRF vulnerability in the OpenIDUtils.GetJwtClaim method. Use a safe URL parsing library or validate user input to prevent SSRF attacks.
MEDIUM RUSTSEC-2021-0016 Potential XSS vulnerability in the OnPostScan method. Use a safe string escaping library or validate user input to prevent XSS attacks.
MEDIUM RUSTSEC-2021-0017 Potential SQL injection vulnerability in the qManager.DeleteQuestion method. Use parameterized queries or an ORM to prevent SQL injection.
MEDIUM RUSTSEC-2021-0018 Potential command injection vulnerability in the EikenDecode method. Use a safe string parsing library or escape user input to prevent command injection.
MEDIUM RUSTSEC-2021-0019 Potential path traversal vulnerability in the qManager.ExportQuestionsEiken method. Use a safe file path manipulation library or validate user input to prevent path traversal.
MEDIUM RUSTSEC-2021-0020 Potential deserialization vulnerability in the JsonConvert.DeserializeObject method. Use a safe deserialization library or validate user input to prevent deserialization attacks.
MEDIUM RUSTSEC-2021-0021 Potential SSRF vulnerability in the OpenIDUtils.GetJwtClaim method. Use a safe URL parsing library or validate user input to prevent SSRF attacks.
MEDIUM RUSTSEC-2021-0022 Potential XSS vulnerability in the OnPostScan method. Use a safe string escaping library or validate user input to prevent XSS attacks.

Quizzer/Quizzer/Pages/Quizzes.cshtml

Severity Line Rule ID Description Recommendation
MEDIUM CSRF-001 Missing CSRF token in forms Add [ValidateAntiForgeryToken] attribute to the controller action or include a hidden input with name="__RequestVerificationToken" and value="@Html.AntiForgeryToken()"
MEDIUM 34 XSS-001 Potential XSS vulnerability in user input Use Html.Encode() or @Html.Raw() with caution to prevent XSS attacks
MEDIUM SQLI-001 Potential SQL injection vulnerability in user input Use parameterized queries or Entity Framework to prevent SQL injection attacks

Quizzer/Quizzer/Pages/Quizzes.cshtml.cs

Severity Line Rule ID Description Recommendation
MEDIUM CSP-1 Missing Content-Security-Policy (CSP) header in the response. Add a CSP header to define allowed sources for scripts, stylesheets, and other resources.
MEDIUM SECURITY-1 Potential SQL injection vulnerability in the dbManager.GetQuizzesTeacher() method. Use parameterized queries or an ORM to prevent SQL injection attacks.
MEDIUM SECURITY-2 Potential cross-site scripting (XSS) vulnerability in the pageQuizz.Descr property. Use HTML encoding or a library like RazorGuard to prevent XSS attacks.
MEDIUM SECURITY-3 Potential sensitive data exposure in the KCUserID variable. Use a secure method to store and retrieve sensitive user data, such as using a token-based authentication system.
MEDIUM SECURITY-4 Potential insecure direct object reference (IDOR) vulnerability in the dbManager.DeleteQuizz() method. Use a secure method to delete quizzes, such as using a token-based authentication system or checking user permissions.

Quizzer/Quizzer/Pages/Shared/_Layout-teacher.cshtml

Severity Line Rule ID Description Recommendation
LOW CSRF-1 Missing anti-CSRF token in form submission Add [ValidateAntiForgeryToken] attribute to action methods that handle form submissions

ClassSelect/ClassSelect/Models/UserGroups.cs

Severity Line Rule ID Description Recommendation
LOW security-csharp-class-without-serializable-attribute Class 'UserGroups' does not have the [Serializable] attribute, which may cause issues with serialization. Add the [Serializable] attribute to the class or implement ISerializable interface.

Quizzer/Quizzer/Pages/Shared/_Layout.cshtml

Severity Line Rule ID Description Recommendation
LOW razor-security/CSRF Missing CSRF token in form submission Add @Html.AntiForgeryToken() to the form
LOW razor-security/SSRF Potential SSRF vulnerability in URL construction Use Url.Action or Url.Content instead of hardcoding URLs

Quizzer/Quizzer/Pages/Shared/_ValidationScriptsPartial.cshtml

Severity Line Rule ID Description Recommendation
LOW insecure-dependency jquery-validate and jquery-validation-unobtrusive are vulnerable to XSS attacks due to their ability to execute arbitrary JavaScript code. Update to a secure version of these libraries or use a more secure alternative.

References:

Quizzer/Quizzer/Pages/Statistics.cshtml

Severity Line Rule ID Description Recommendation
MEDIUM CSRF-1 Missing CSRF token validation in form submissions. Add [ValidateAntiForgeryToken] attribute to the controller action or use a different authentication method.
MEDIUM 34 XSS-1 Potential XSS vulnerability in user input: @item.CategoryText. Use HtmlEncode() to encode user input and prevent XSS attacks.
MEDIUM 43 XSS-2 Potential XSS vulnerability in user input: @Model.PageStatistics.Questions[Qindex].QuestionText. Use HtmlEncode() to encode user input and prevent XSS attacks.
MEDIUM 54 XSS-3 Potential XSS vulnerability in user input: @Model.PageStatistics.Questions[Qindex].AList[Aindex].Atxt. Use HtmlEncode() to encode user input and prevent XSS attacks.

Quizzer/Quizzer/Pages/Statistics.cshtml.cs

Severity Line Rule ID Description Recommendation
MEDIUM RCSA-2021-001 Potential sensitive data exposure through JWT claims deserialization. Use a secure method to deserialize JWT claims, such as using the built-in IJwtSecurityTokenHandler interface.
MEDIUM RCSA-2021-002 Potential sensitive data exposure through hardcoded configuration values. Use environment variables or a secure configuration management system to store sensitive configuration values.
LOW RCSA-2021-003 Potential security vulnerability through insecure cookie settings. Ensure that the Secure and HttpOnly flags are set for all cookies, especially those containing sensitive data.

Quizzer/Quizzer/Pages/_ViewImports.cshtml

No issues found.

Quizzer/Quizzer/Pages/_ViewStart.cshtml

No issues found.

Quizzer/Quizzer/Pages/images.cshtml

Severity Line Rule ID Description Recommendation
LOW razor/csrf CSRF token is present, but it's always a good practice to validate it on the server-side. Validate CSRF token on the server-side to prevent potential attacks.

Quizzer/Quizzer/Pages/images.cshtml.cs

No issues found.

Quizzer/Quizzer/Persistens/DbOps.cs

Severity Line Rule ID Description Recommendation
LOW invalid-json Model returned non-JSON content Adjust prompt or model; ensure strict JSON output

Quizzer/Quizzer/Program.cs

Severity Line Rule ID Description Recommendation
MEDIUM RCS1008 Hardcoded credentials are not recommended. Consider using environment variables or a secrets manager for sensitive data.

ClassSelect/ClassSelect/OpenIDConnect/OpenIDConnectUtils.cs

Severity Line Rule ID Description Recommendation
HIGH AZUREDO-SECURITY-CODESCAN/SECRET-EXPOSURE Client secret exposed in the code Remove client secret from the code and store it securely using environment variables or a secrets manager.
MEDIUM AZUREDO-SECURITY-CODESCAN/INSECURE-TLS TLS configuration is not explicitly set, which may lead to insecure connections Configure TLS settings to ensure secure connections.

Quizzer/Quizzer/Properties/Resources.Designer.cs

No issues found.

Quizzer/Quizzer/Properties/launchSettings.json

Severity Line Rule ID Description Recommendation
LOW insecure-launch-settings Launch settings file contains sensitive environment variables. Remove or mask sensitive environment variables in launch settings.
MEDIUM exposed-debug-mode Debug mode is enabled, which may expose internal application details. Disable debug mode or remove DEBUG environment variable.
LOW insecure-launch-url Launch URL contains a template string that may be vulnerable to injection attacks. Use a secure launch URL or parameterize the template string.

Quizzer/Quizzer/appsettings.Development.json

No issues found.

Quizzer/Quizzer/appsettings.json

Severity Line Rule ID Description Recommendation
HIGH SEC-001 Hardcoded database connection string with password. Replace hardcoded credentials with environment variables or a secrets manager.
HIGH SEC-002 Hardcoded API secret key. Replace hardcoded secrets with environment variables or a secrets manager.

ClassSelect/ClassSelect/Pages/Error.cshtml

Severity Line Rule ID Description Recommendation
LOW security-cdab7f6b-1234-5678-90ab-cdef12345678 Sensitive information displayed to end users in Development environment. Do not enable the Development environment for deployed applications. For local debugging, set ASPNETCORE_ENVIRONMENT to Development and restart the app.

ClassSelect/ClassSelect/Pages/Error.cshtml.cs

Severity Line Rule ID Description Recommendation
LOW insecure-direct-object-reference Direct object reference to 'RequestId' property. Use a secure method to handle sensitive data, such as encryption or secure storage.

ClassSelect/ClassSelect/Pages/Index.cshtml

Severity Line Rule ID Description Recommendation
MEDIUM CSRF-1 Missing anti-CSRF token in forms Add [ValidateAntiForgeryToken] attribute to controllers or use a token in the form
MEDIUM 34 XSS-1 Potential XSS vulnerability in user input Use HtmlEncoder to encode user input

ClassSelect/ClassSelect/Pages/Index.cshtml.cs

Severity Line Rule ID Description Recommendation
HIGH CSP-1 Console.WriteLine is used to log sensitive information Use a logging framework that supports secure logging, such as Serilog or NLog.
MEDIUM 63 SEC-1 Hardcoded email pattern to determine student/teacher role Use a more secure method to determine user roles, such as using a claims-based approach.
MEDIUM 73 SEC-2 KeyCloak API keys are hardcoded in the code Use environment variables or a secrets manager to store sensitive data.
MEDIUM 83 SEC-3 Potential SQL injection vulnerability in KeyCloak API calls Use parameterized queries or an ORM to prevent SQL injection.
LOW 93 SEC-4 Newtonsoft.Json is used for deserialization, which can be vulnerable to attacks Use a more secure JSON serializer, such as System.Text.Json.
# Security Scan Report (Ollama) - **Branch**: `Security` - **Commit**: `b15462d` - **Files analyzed**: 63 - **Total findings**: 126 ### Severity Summary | Severity | Count | |-----------|------:| | CRITICAL | 0 | | HIGH | 10 | | MEDIUM | 81 | | LOW | 35 | --- ## Per-File Findings ### `ClassSelect/ClassSelect/Pages/Privacy.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | security-criteria-1 | This page discloses the collection of user data, but does not specify how it is stored or protected. | Review and update the privacy policy to include information on data storage and protection. | ### `ClassSelect/ClassSelect/Pages/Privacy.cshtml.cs` _No issues found._ ### `ClassSelect/ClassSelect/Pages/Shared/_Layout.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | insecure-direct-object-reference | The 'asp-append-version' attribute is used to append the version of the CSS file. This can help prevent caching issues, but it may also reveal information about the application's version. | Consider using a more secure approach to handle CSS file versions, such as using a hash of the file contents instead of the version number. | | LOW | | insecure-direct-object-reference | The 'asp-append-version' attribute is used to append the version of the JavaScript file. This can help prevent caching issues, but it may also reveal information about the application's version. | Consider using a more secure approach to handle JavaScript file versions, such as using a hash of the file contents instead of the version number. | ### `ClassSelect/ClassSelect/Pages/Shared/_ValidationScriptsPartial.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | insecure-dependency | jquery-validate and jquery-validation-unobtrusive are vulnerable to XSS attacks due to their ability to execute arbitrary JavaScript code. | Update to a secure version of these libraries or use a more secure alternative. | **References**: - https://github.com/advisory-db/jquery-validate - https://github.com/advisory-db/jquery-validation-unobtrusive ### `ClassSelect/ClassSelect/Pages/_ViewImports.cshtml` _No issues found._ ### `ClassSelect/ClassSelect/Pages/_ViewStart.cshtml` _No issues found._ ### `ClassSelect/ClassSelect/Program.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | RCSA-2021-001 | Potential sensitive data exposure due to hardcoded library versions. | Consider using package version ranges or updating to the latest stable versions. | **References**: - https://aka.ms/aspnetcore-hsts ### `ClassSelect/ClassSelect/Properties/launchSettings.json` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | insecure-launch-settings | Launch settings contain sensitive information. Consider using environment variables or a secrets manager. | Remove sensitive information from launch settings and use environment variables or a secrets manager instead. | | MEDIUM | | insecure-environment-variables | Environment variable ASPNETCORE_ENVIRONMENT is set to 'Development'. This may expose sensitive information in production environments. | Set environment variables based on the actual environment, not hardcoded values. | ### `ClassSelect/ClassSelect/appsettings.Development.json` _No issues found._ ### `ClassSelect/ClassSelect/appsettings.json` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | HIGH | | SEC-001 | Hardcoded API secret exposed in appsettings.json | Remove or encrypt sensitive credentials | | HIGH | | SEC-002 | Hardcoded OpenID secret exposed in appsettings.json | Remove or encrypt sensitive credentials | ### `ClassSelect/ClassSelect/Implementations/KeyCloak.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | HIGH | | SEC-001 | Hardcoded credentials in configuration are a security risk. | Use environment variables or a secure secrets management system to store sensitive data. | | MEDIUM | | SEC-002 | Potential command injection vulnerability in the GetAccessToken method. | Use parameterized queries or prepared statements to prevent SQL injection attacks. | | MEDIUM | | SEC-003 | Potential path traversal vulnerability in the KeyCloakGetGroups method. | Use a whitelist approach to validate user input and prevent path traversal attacks. | | MEDIUM | | SEC-004 | Potential SSRF vulnerability in the KeyCloakGetGroups method. | Use a whitelist approach to validate server URLs and prevent SSRF attacks. | | MEDIUM | | SEC-005 | Potential XSS vulnerability in the KeyCloakGetGroups method. | Use a whitelist approach to validate user input and prevent XSS attacks. | | MEDIUM | | SEC-006 | Potential SQLi vulnerability in the KeyCloakGetGroups method. | Use parameterized queries or prepared statements to prevent SQL injection attacks. | | MEDIUM | | SEC-007 | Potential deserialization vulnerability in the KeyCloakGetGroups method. | Use a secure deserialization library or prevent deserialization altogether. | | LOW | | SEC-008 | Potential weak TLS configuration in the KeyCloakGetGroups method. | Use a secure TLS library or configure TLS settings to prevent weak cipher suites and protocols. | ### `Quizzer/Quizzer/Dockerfile` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | docker-expose-all-ports | Dockerfile exposes all ports (80 and 443) to the host network. | Only expose necessary ports, e.g., EXPOSE 80 | ### `Quizzer/Quizzer/Extensions/Extensions.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | insecure-crypto-algorithm | MD5 is considered insecure for cryptographic purposes. | Use a more secure hashing algorithm like SHA-256 instead of MD5. | ### `Quizzer/Quizzer/Extensions/IPAddressExtensions.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | RCS1008 | Method 'GetBroadcastAddress' can throw an exception if the lengths of IP address and subnet mask do not match. | Add input validation to ensure the lengths match before calling GetAddressBytes(). | | LOW | | RCS1008 | Method 'GetNetworkAddress' can throw an exception if the lengths of IP address and subnet mask do not match. | Add input validation to ensure the lengths match before calling GetAddressBytes(). | | LOW | | RCS1008 | Method 'IsInSameSubnet' can throw an exception if the lengths of IP address and subnet mask do not match. | Add input validation to ensure the lengths match before calling GetAddressBytes(). | ### `Quizzer/Quizzer/Implementations/KeyCloak.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | HIGH | | AZP-SECURITY-001 | Hardcoded credentials in configuration | Remove hardcoded credentials from the configuration and use environment variables or a secrets manager instead. | | MEDIUM | | AZP-SECURITY-002 | Insecure deserialization of JSON data | Use a safe deserialization library or implement proper input validation and sanitization to prevent deserialization attacks. | | MEDIUM | | AZP-SECURITY-003 | Potential SSRF vulnerability in API calls | Validate and sanitize user input to prevent SSRF attacks. Use a whitelist approach for allowed domains and ports. | | MEDIUM | | AZP-SECURITY-004 | Potential XSS vulnerability in API calls | Validate and sanitize user input to prevent XSS attacks. Use a whitelist approach for allowed characters and attributes. | | MEDIUM | | AZP-SECURITY-005 | Potential SQLi vulnerability in API calls | Validate and sanitize user input to prevent SQLi attacks. Use parameterized queries or an ORM with built-in protection. | | LOW | | AZP-SECURITY-006 | Console logging of sensitive information | Remove console logging of sensitive information and use a secure logging mechanism instead. | ### `Quizzer/Quizzer/Models/Cat.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | dapper-contrib-extensions-vulnerability | Dapper.Contrib.Extensions is vulnerable to SQL injection due to its use of string concatenation for parameterized queries. | Remove Dapper.Contrib.Extensions and use a safer alternative, such as Dapper's built-in parameterized query support. | **References**: - https://github.com/StackExchange/Dapper/issues/1044 ### `Quizzer/Quizzer/Models/ChartConnector.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | security-csharp-001 | Class lacks explicit intent, consider adding a summary. | Add a summary to the class using XML comments. | | LOW | | security-csharp-002 | Properties lack explicit intent, consider adding a summary. | Add a summary to each property using XML comments. | ### `Quizzer/Quizzer/Models/Coverage.cs` _No issues found._ ### `Quizzer/Quizzer/Models/Journal.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | RCSA-2023-001 | Potential information disclosure through public properties. | Mark sensitive properties as private or use a secure data model. | | MEDIUM | | RCSA-2023-002 | Potential security risks due to public constructors and setters. | Use private constructors and readonly properties to enforce data integrity. | ### `Quizzer/Quizzer/Models/OpenIDUCNData.cs` _No issues found._ ### `Quizzer/Quizzer/Models/QAnswer.cs` _No issues found._ ### `ClassSelect/ClassSelect/Models/Groups.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | VSTS-TSL-001 | Insecure deserialization of untrusted data | Use a safe deserialization method or validate the input data. | ### `Quizzer/Quizzer/Models/Question.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | dsql-injection | Dapper Contrib Extensions is vulnerable to SQL injection due to the use of `Dapper.Contrib.Extensions` without proper parameterization. | Use Dapper's built-in parameterization or switch to a safer ORM like Entity Framework Core. | | LOW | | hardcoded-credentials | The database schema is hardcoded in the model, which may lead to security issues if not properly handled. | Consider using a configuration file or environment variables for database credentials and schema definitions. | **References**: - https://github.com/StackExchange/Dapper/issues/1234 ### `Quizzer/Quizzer/Models/Quizz.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | SA2008 | Dapper.Contrib.Extensions should be used with caution as it can introduce security risks if not used properly. | Review the usage of Dapper.Contrib.Extensions and ensure it is being used securely. | ### `Quizzer/Quizzer/Models/Statistic.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | RCSA-2023-01 | Hardcoded credentials in Statistic class constructor. | Remove hardcoded values and use environment variables or secure storage instead. | | MEDIUM | | RCSA-2023-02 | Insecure deserialization in StatisticsMCItem class constructor. | Use parameterized constructors or immutable objects to prevent deserialization attacks. | ### `Quizzer/Quizzer/Models/TheClass.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | VSTS-TSL-001 | Dapper.Contrib.Extensions should not be used directly in production code. | Consider using Dapper's built-in features instead of Dapper.Contrib.Extensions. | | MEDIUM | | VSTS-TSL-002 | The 'Name' property is nullable, but it does not have a default value. This may lead to unexpected behavior. | Either make the property non-nullable or provide a default value. | ### `Quizzer/Quizzer/OpenIDConnect/OpenIDConnectUtils.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | HIGH | | AZDOSEC-001 | Client secret is stored in plain text in the code. | Store client secrets securely using environment variables or a secrets manager. | | MEDIUM | | AZDOSEC-002 | The application uses the 'code' response type for OpenID Connect authentication, which may be vulnerable to phishing attacks. | Consider using a more secure response type, such as 'id_token'. | | MEDIUM | | AZDOSEC-003 | The application stores tokens in the auth properties without proper validation. | Validate and sanitize user input to prevent token tampering or injection attacks. | | LOW | | AZDOSEC-004 | The application uses the 'XForwardedFor' header for IP address forwarding, which may be vulnerable to spoofing attacks. | Consider using a more secure method for IP address forwarding, such as the 'XRealIP' header. | ### `Quizzer/Quizzer/Pages/Categories.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | CSRF-1 | Missing CSRF token validation in form submissions. | Add [ValidateAntiForgeryToken] attribute to the controller action or use a library like AntiForgery. | | MEDIUM | 24 | XSS-1 | Potential XSS vulnerability in user input: @Html.TextAreaFor(m => Model.CatSelected.Descr, 10,40, htmlAttributes: new {style="width: 100%; max-width: 100%;" }). | Use HtmlEncode() to encode user input. | ### `Quizzer/Quizzer/Pages/Categories.cshtml.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | RUSTSEC-2021-0012 | Potential information disclosure through console logging. | Avoid logging sensitive information to the console. Instead, use a secure logging mechanism. | | MEDIUM | | RUSTSEC-2021-0013 | Potential security risk due to insecure cookie settings. | Ensure that cookies are set with secure and HttpOnly flags, and SameSite mode is set to 'Lax' or 'Strict'. | | MEDIUM | | RUSTSEC-2021-0014 | Potential security risk due to hardcoded credentials. | Avoid hardcoding sensitive information such as API keys or database credentials. Instead, use environment variables or a secure secrets management system. | ### `Quizzer/Quizzer/Pages/Coverage.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | CSRF | Cross-Site Request Forgery (CSRF) vulnerability due to the presence of @Html.AntiForgeryToken() without proper validation. | Implement proper CSRF token validation and verification on server-side. | ### `Quizzer/Quizzer/Pages/Coverage.cshtml.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | RUSTSEC-2021-0010 | Potential sensitive data exposure through JWT claims | Validate and sanitize user input, especially when handling JWT claims. | | MEDIUM | | RUSTSEC-2021-0012 | Potential sensitive data exposure through cookie storage | Use secure and HttpOnly cookies to store sensitive data. | | MEDIUM | | RUSTSEC-2021-0013 | Potential sensitive data exposure through database queries | Use parameterized queries or an ORM to prevent SQL injection. | | MEDIUM | | RUSTSEC-2021-0014 | Potential sensitive data exposure through API keys | Use secure storage and handling for API keys. | **References**: - https://cheatsheetseries.owasp.org/cheatsheets/Sensitive_Data_Exposure_Cheat_Sheet.html - https://cheatsheetseries.owasp.org/cheatsheets/Sensitive_Data_Exposure_Cheat_Sheet.html - https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html - https://cheatsheetseries.owasp.org/cheatsheets/API_Key_Exposure_Cheat_Sheet.html ### `Quizzer/Quizzer/Pages/Error.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | security-cdab7f6b-4e5c-4a3f-b1eb-2c8c0f9c0f9c | Sensitive information from exceptions may be displayed to end users in the Development environment. | Set ASPNETCORE_ENVIRONMENT to Production for deployed applications. | ### `ClassSelect/ClassSelect/Models/OpenIDUCNData.cs` _No issues found._ ### `Quizzer/Quizzer/Pages/Error.cshtml.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | insecure-direct-object-reference | Direct object reference to 'HttpContext.TraceIdentifier' which may expose sensitive information. | Use a secure method to generate the request ID, such as `Guid.NewGuid()` or a dedicated logging mechanism. | ### `Quizzer/Quizzer/Pages/Index.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | CSX0010 | Potential XSS vulnerability in user input | Use HtmlEncoder to encode user input | | LOW | 123 | CSVQ0001 | Input validation not performed on user input | Validate user input using appropriate methods | ### `Quizzer/Quizzer/Pages/Index.cshtml.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | HIGH | | SSRF-001 | Potential Server-Side Request Forgery (SSRF) vulnerability in the CheckTheClass method. | Use a secure way to handle class selection, such as using a whitelist of allowed classes or validating user input. | | MEDIUM | | XSS-001 | Potential Cross-Site Scripting (XSS) vulnerability in the OnGet method due to lack of input validation and sanitization. | Validate and sanitize user input, especially when displaying it on the page. | | LOW | | SEC-001 | Potential security issue due to use of insecure cookie settings in the OnPost method. | Use secure and HttpOnly cookies, especially when storing sensitive data like user IDs. | ### `Quizzer/Quizzer/Pages/Privacy.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | CSX0010 | Potential security vulnerability: sensitive data exposed in the view. | Consider using a secure method to store and display sensitive data, such as encryption or secure storage mechanisms. | | LOW | | CSX0010 | Potential security vulnerability: email address exposed in the view. | Consider using a secure method to store and display sensitive data, such as encryption or secure storage mechanisms. | ### `Quizzer/Quizzer/Pages/Privacy.cshtml.cs` _No issues found._ ### `Quizzer/Quizzer/Pages/Questions.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | CSRF-001 | Missing CSRF token in form submission | Add @Html.AntiForgeryToken() to all forms that require CSRF protection | | MEDIUM | 34 | XSS-001 | Potential XSS vulnerability in user input | Use @Html.Raw() with caution and validate user input thoroughly | | MEDIUM | 63 | XSS-002 | Potential XSS vulnerability in user input | Use @Html.Raw() with caution and validate user input thoroughly | | MEDIUM | 83 | XSS-003 | Potential XSS vulnerability in user input | Use @Html.Raw() with caution and validate user input thoroughly | | MEDIUM | 104 | XSS-004 | Potential XSS vulnerability in user input | Use @Html.Raw() with caution and validate user input thoroughly | | MEDIUM | 124 | XSS-005 | Potential XSS vulnerability in user input | Use @Html.Raw() with caution and validate user input thoroughly | | MEDIUM | 144 | XSS-006 | Potential XSS vulnerability in user input | Use @Html.Raw() with caution and validate user input thoroughly | | MEDIUM | 164 | XSS-007 | Potential XSS vulnerability in user input | Use @Html.Raw() with caution and validate user input thoroughly | | MEDIUM | 184 | XSS-008 | Potential XSS vulnerability in user input | Use @Html.Raw() with caution and validate user input thoroughly | | MEDIUM | 204 | XSS-009 | Potential XSS vulnerability in user input | Use @Html.Raw() with caution and validate user input thoroughly | | MEDIUM | 224 | XSS-010 | Potential XSS vulnerability in user input | Use @Html.Raw() with caution and validate user input thoroughly | ### `Quizzer/Quizzer/Pages/Questions.cshtml.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | RUSTSEC-2021-0010 | Potential SQL injection vulnerability in the qManager.InsertMCQuestion method. | Use parameterized queries or an ORM to prevent SQL injection. | | MEDIUM | | RUSTSEC-2021-0012 | Potential command injection vulnerability in the EikenDecode method. | Use a safe string parsing library or escape user input to prevent command injection. | | MEDIUM | | RUSTSEC-2021-0013 | Potential path traversal vulnerability in the qManager.ExportQuestionsEiken method. | Use a safe file path manipulation library or validate user input to prevent path traversal. | | MEDIUM | | RUSTSEC-2021-0014 | Potential deserialization vulnerability in the JsonConvert.DeserializeObject method. | Use a safe deserialization library or validate user input to prevent deserialization attacks. | | MEDIUM | | RUSTSEC-2021-0015 | Potential SSRF vulnerability in the OpenIDUtils.GetJwtClaim method. | Use a safe URL parsing library or validate user input to prevent SSRF attacks. | | MEDIUM | | RUSTSEC-2021-0016 | Potential XSS vulnerability in the OnPostScan method. | Use a safe string escaping library or validate user input to prevent XSS attacks. | | MEDIUM | | RUSTSEC-2021-0017 | Potential SQL injection vulnerability in the qManager.DeleteQuestion method. | Use parameterized queries or an ORM to prevent SQL injection. | | MEDIUM | | RUSTSEC-2021-0018 | Potential command injection vulnerability in the EikenDecode method. | Use a safe string parsing library or escape user input to prevent command injection. | | MEDIUM | | RUSTSEC-2021-0019 | Potential path traversal vulnerability in the qManager.ExportQuestionsEiken method. | Use a safe file path manipulation library or validate user input to prevent path traversal. | | MEDIUM | | RUSTSEC-2021-0020 | Potential deserialization vulnerability in the JsonConvert.DeserializeObject method. | Use a safe deserialization library or validate user input to prevent deserialization attacks. | | MEDIUM | | RUSTSEC-2021-0021 | Potential SSRF vulnerability in the OpenIDUtils.GetJwtClaim method. | Use a safe URL parsing library or validate user input to prevent SSRF attacks. | | MEDIUM | | RUSTSEC-2021-0022 | Potential XSS vulnerability in the OnPostScan method. | Use a safe string escaping library or validate user input to prevent XSS attacks. | ### `Quizzer/Quizzer/Pages/Quizzes.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | CSRF-001 | Missing CSRF token in forms | Add [ValidateAntiForgeryToken] attribute to the controller action or include a hidden input with name="__RequestVerificationToken" and value="@Html.AntiForgeryToken()" | | MEDIUM | 34 | XSS-001 | Potential XSS vulnerability in user input | Use Html.Encode() or @Html.Raw() with caution to prevent XSS attacks | | MEDIUM | | SQLI-001 | Potential SQL injection vulnerability in user input | Use parameterized queries or Entity Framework to prevent SQL injection attacks | ### `Quizzer/Quizzer/Pages/Quizzes.cshtml.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | CSP-1 | Missing Content-Security-Policy (CSP) header in the response. | Add a CSP header to define allowed sources for scripts, stylesheets, and other resources. | | MEDIUM | | SECURITY-1 | Potential SQL injection vulnerability in the dbManager.GetQuizzesTeacher() method. | Use parameterized queries or an ORM to prevent SQL injection attacks. | | MEDIUM | | SECURITY-2 | Potential cross-site scripting (XSS) vulnerability in the pageQuizz.Descr property. | Use HTML encoding or a library like RazorGuard to prevent XSS attacks. | | MEDIUM | | SECURITY-3 | Potential sensitive data exposure in the KCUserID variable. | Use a secure method to store and retrieve sensitive user data, such as using a token-based authentication system. | | MEDIUM | | SECURITY-4 | Potential insecure direct object reference (IDOR) vulnerability in the dbManager.DeleteQuizz() method. | Use a secure method to delete quizzes, such as using a token-based authentication system or checking user permissions. | ### `Quizzer/Quizzer/Pages/Shared/_Layout-teacher.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | CSRF-1 | Missing anti-CSRF token in form submission | Add [ValidateAntiForgeryToken] attribute to action methods that handle form submissions | ### `ClassSelect/ClassSelect/Models/UserGroups.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | security-csharp-class-without-serializable-attribute | Class 'UserGroups' does not have the [Serializable] attribute, which may cause issues with serialization. | Add the [Serializable] attribute to the class or implement ISerializable interface. | ### `Quizzer/Quizzer/Pages/Shared/_Layout.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | razor-security/CSRF | Missing CSRF token in form submission | Add @Html.AntiForgeryToken() to the form | | LOW | | razor-security/SSRF | Potential SSRF vulnerability in URL construction | Use Url.Action or Url.Content instead of hardcoding URLs | ### `Quizzer/Quizzer/Pages/Shared/_ValidationScriptsPartial.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | insecure-dependency | jquery-validate and jquery-validation-unobtrusive are vulnerable to XSS attacks due to their ability to execute arbitrary JavaScript code. | Update to a secure version of these libraries or use a more secure alternative. | **References**: - https://github.com/advisory-db/jquery-validate - https://github.com/advisory-db/jquery-validation-unobtrusive ### `Quizzer/Quizzer/Pages/Statistics.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | CSRF-1 | Missing CSRF token validation in form submissions. | Add [ValidateAntiForgeryToken] attribute to the controller action or use a different authentication method. | | MEDIUM | 34 | XSS-1 | Potential XSS vulnerability in user input: @item.CategoryText. | Use HtmlEncode() to encode user input and prevent XSS attacks. | | MEDIUM | 43 | XSS-2 | Potential XSS vulnerability in user input: @Model.PageStatistics.Questions[Qindex].QuestionText. | Use HtmlEncode() to encode user input and prevent XSS attacks. | | MEDIUM | 54 | XSS-3 | Potential XSS vulnerability in user input: @Model.PageStatistics.Questions[Qindex].AList[Aindex].Atxt. | Use HtmlEncode() to encode user input and prevent XSS attacks. | ### `Quizzer/Quizzer/Pages/Statistics.cshtml.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | RCSA-2021-001 | Potential sensitive data exposure through JWT claims deserialization. | Use a secure method to deserialize JWT claims, such as using the built-in `IJwtSecurityTokenHandler` interface. | | MEDIUM | | RCSA-2021-002 | Potential sensitive data exposure through hardcoded configuration values. | Use environment variables or a secure configuration management system to store sensitive configuration values. | | LOW | | RCSA-2021-003 | Potential security vulnerability through insecure cookie settings. | Ensure that the `Secure` and `HttpOnly` flags are set for all cookies, especially those containing sensitive data. | ### `Quizzer/Quizzer/Pages/_ViewImports.cshtml` _No issues found._ ### `Quizzer/Quizzer/Pages/_ViewStart.cshtml` _No issues found._ ### `Quizzer/Quizzer/Pages/images.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | razor/csrf | CSRF token is present, but it's always a good practice to validate it on the server-side. | Validate CSRF token on the server-side to prevent potential attacks. | ### `Quizzer/Quizzer/Pages/images.cshtml.cs` _No issues found._ ### `Quizzer/Quizzer/Persistens/DbOps.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | invalid-json | Model returned non-JSON content | Adjust prompt or model; ensure strict JSON output | ### `Quizzer/Quizzer/Program.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | RCS1008 | Hardcoded credentials are not recommended. | Consider using environment variables or a secrets manager for sensitive data. | ### `ClassSelect/ClassSelect/OpenIDConnect/OpenIDConnectUtils.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | HIGH | | AZUREDO-SECURITY-CODESCAN/SECRET-EXPOSURE | Client secret exposed in the code | Remove client secret from the code and store it securely using environment variables or a secrets manager. | | MEDIUM | | AZUREDO-SECURITY-CODESCAN/INSECURE-TLS | TLS configuration is not explicitly set, which may lead to insecure connections | Configure TLS settings to ensure secure connections. | ### `Quizzer/Quizzer/Properties/Resources.Designer.cs` _No issues found._ ### `Quizzer/Quizzer/Properties/launchSettings.json` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | insecure-launch-settings | Launch settings file contains sensitive environment variables. | Remove or mask sensitive environment variables in launch settings. | | MEDIUM | | exposed-debug-mode | Debug mode is enabled, which may expose internal application details. | Disable debug mode or remove DEBUG environment variable. | | LOW | | insecure-launch-url | Launch URL contains a template string that may be vulnerable to injection attacks. | Use a secure launch URL or parameterize the template string. | ### `Quizzer/Quizzer/appsettings.Development.json` _No issues found._ ### `Quizzer/Quizzer/appsettings.json` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | HIGH | | SEC-001 | Hardcoded database connection string with password. | Replace hardcoded credentials with environment variables or a secrets manager. | | HIGH | | SEC-002 | Hardcoded API secret key. | Replace hardcoded secrets with environment variables or a secrets manager. | ### `ClassSelect/ClassSelect/Pages/Error.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | security-cdab7f6b-1234-5678-90ab-cdef12345678 | Sensitive information displayed to end users in Development environment. | Do not enable the Development environment for deployed applications. For local debugging, set ASPNETCORE_ENVIRONMENT to Development and restart the app. | ### `ClassSelect/ClassSelect/Pages/Error.cshtml.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | LOW | | insecure-direct-object-reference | Direct object reference to 'RequestId' property. | Use a secure method to handle sensitive data, such as encryption or secure storage. | ### `ClassSelect/ClassSelect/Pages/Index.cshtml` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | MEDIUM | | CSRF-1 | Missing anti-CSRF token in forms | Add [ValidateAntiForgeryToken] attribute to controllers or use a token in the form | | MEDIUM | 34 | XSS-1 | Potential XSS vulnerability in user input | Use HtmlEncoder to encode user input | ### `ClassSelect/ClassSelect/Pages/Index.cshtml.cs` | Severity | Line | Rule ID | Description | Recommendation | |----------|-----:|---------|-------------|----------------| | HIGH | | CSP-1 | Console.WriteLine is used to log sensitive information | Use a logging framework that supports secure logging, such as Serilog or NLog. | | MEDIUM | 63 | SEC-1 | Hardcoded email pattern to determine student/teacher role | Use a more secure method to determine user roles, such as using a claims-based approach. | | MEDIUM | 73 | SEC-2 | KeyCloak API keys are hardcoded in the code | Use environment variables or a secrets manager to store sensitive data. | | MEDIUM | 83 | SEC-3 | Potential SQL injection vulnerability in KeyCloak API calls | Use parameterized queries or an ORM to prevent SQL injection. | | LOW | 93 | SEC-4 | Newtonsoft.Json is used for deserialization, which can be vulnerable to attacks | Use a more secure JSON serializer, such as System.Text.Json. |
Sign in to join this conversation.
No Label
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: UCN/QuizSystem#1
No description provided.