wcm.io Caravan
SpotBugs Bug Detector Report
The following document contains the results of SpotBugs
SpotBugs Version is 4.8.3
Threshold is medium
Effort is default
Summary
| Classes | Bugs | Errors | Missing Classes |
|---|---|---|---|
| 23 | 2 | 0 | 4 |
Files
| Class | Bugs |
|---|---|
| io.wcm.caravan.hal.docs.impl.HalDocsServlet | 1 |
| io.wcm.caravan.hal.docs.impl.reader.ServiceModelReader | 1 |
io.wcm.caravan.hal.docs.impl.HalDocsServlet
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| This use of javax/servlet/http/HttpServletResponse.sendError(ILjava/lang/String;)V could be vulnerable to XSS in the Servlet | SECURITY | XSS_SERVLET | 104 | Medium |
io.wcm.caravan.hal.docs.impl.reader.ServiceModelReader
| Bug | Category | Details | Line | Priority |
|---|---|---|---|---|
| This web server request could be used by an attacker to expose internal services and filesystem. | SECURITY | URLCONNECTION_SSRF_FD | 63 | Medium |