Blind SQL injection in application developed using Spring MVC
<p>I am using Spring MVC for developing my web application. My problem is that when I ran AppScan on my web application, it reported BLIND SQL INJECTION in many of the parameters in my Spring MVC form. I am using a bean for fetching data from the Spring MVC form and the save() function in the Spring framework for saving data to the database. How can I resolve my problem?</p>
<p>My sample code is below.</p>
<p>Login.jsp contains the link</p>
<pre><code>&lt;script&gt;
function openUserReg(){
    window.open("/ma/UserReg.nic");
}
&lt;/script&gt;
&lt;body&gt;
&lt;form:form&gt;
    &lt;a href="#" onclick="openUserReg();"&gt;Producer/ Dealer Registration(Public)&lt;/a&gt;
&lt;/form&gt;
&lt;/body&gt;
</code></pre>
<p>The configuration of <code>UserReg.nic</code> is</p>
<pre><code>&lt;beans&gt;
    &lt;bean id="urlMapping" class="org.springframework.web.servlet.handler.SimpleUrlHandlerMapping"&gt;
        &lt;property name="mappings"&gt;
            &lt;props&gt;
                &lt;prop key="UserReg.nic"&gt;UserRegController&lt;/prop&gt;
            &lt;/props&gt;
        &lt;/property&gt;
    &lt;/bean&gt;
    &lt;bean id="UserRegController" class="nic.mams.web.UserRegController"&gt;
        &lt;property name="commandName"&gt;&lt;value&gt;userReg&lt;/value&gt;&lt;/property&gt;
        &lt;property name="commandClass"&gt;&lt;value&gt;nic.mams.web.beans.UserRegBean&lt;/value&gt;&lt;/property&gt;
        &lt;property name="validator" ref ="UserRegValidator"/&gt;
        &lt;property name="userRegService" ref="UserRegService"/&gt;
        &lt;property name="pages"&gt;
            &lt;list&gt;
                &lt;value&gt;userRegistration.jsp&lt;/value&gt;
                &lt;value&gt;successRegistration.jsp&lt;/value&gt;
            &lt;/list&gt;
        &lt;/property&gt;
    &lt;/bean&gt;
</code></pre>
<p><strong>userRegistration.jsp</strong> contains</p>
<pre><code>&lt;form:input path="name" id="name" cssClass="control" maxlength="25"
    onclick="hidErMsg('er01');hidErMsgInnerHtml('err1');" autocomplete="off"/&gt;
</code></pre>
<p>And the controller class contains the code</p>
<pre><code>public class UserRegController extends AbstractWizardFormController{
    UserRegService userRegService;

    protected Map referenceData(HttpServletRequest req, Object obj, Errors er, int page) throws Exception {
        .....
        return map;
    }

    protected ModelAndView processFinish(HttpServletRequest req,HttpServletResponse res, Object obj, BindException be) throws Exception {
        UserRegBean bean = (UserRegBean)obj;
        Applicant app=new Applicant();
        ...
        app.setName(bean.getName());
        userRegService.saveApp(app);
    }
}
</code></pre>
<p>The saveApp(app) function in UserRegService contains the code</p>
<pre><code>saveApp(app){
    String success = "No";
    Session session=getSessionFactory().openSession();
    Transaction tx=session.beginTransaction();
    try {
        getHibernateTemplate().save(app);
        tx.commit();
        session.close();
        success = "Yes";
    } catch (Exception e) {
        e.printStackTrace();
        tx.rollback();
    }
    if (success.equals("Yes")){
        return getHibernateTemplate().find("SELECT DISTINCT l.applicantLoginId,l.username,a.appServiceId,a.name,a.panNo "
            + "FROM ApplicantLogin as l INNER JOIN l.applicants as a "
            + "WHERE l.applicantLoginId=? AND l.applicantLoginId=a.applicantLogin AND a.applicantStatus is null "
            + "AND a.transferType is null AND a.registrationStatus is not null ",applntlg.getApplicantLoginId());
    }
    return null;
}
</code></pre>
<p>AppScan reports this:</p>
<pre><code>[17 of 26] Blind SQL Injection
Severity: High
Test Type: Application
Vulnerable URL: UserReg.nic (Parameter: name)
CVE ID(s): N/A
CWE ID(s): 89
Remediation Tasks: Review possible solutions for hazardous character injection
</code></pre>
<p>If anyone has any suggestions, please provide them.</p>
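<p>Added example, not part of the original post: a server-side check for the <code>name</code> parameter that AppScan flagged, written against the Spring <code>Validator</code> interface as declared in Spring 3 and later. The class name <code>UserRegNameValidator</code>, the stand-in <code>UserRegBean</code>, the error codes and the character policy are assumptions; the real bean and <code>UserRegValidator</code> are not shown on the page, and neither is how the validator is invoked by the wizard controller.</p>

```java
import java.text.Normalizer;
import java.util.regex.Pattern;
import org.springframework.validation.Errors;
import org.springframework.validation.Validator;

// Added example (not the poster's code): server-side check for the "name" field.
public class UserRegNameValidator implements Validator {
    // Hypothetical stand-in for nic.mams.web.beans.UserRegBean (source not shown).
    public static class UserRegBean {
        private String name;
        public String getName() { return name; }
        public void setName(String name) { this.name = name; }
    }

    // Assumed policy: a letter, then letters, spaces, '.', "'" or '-'; at most 25
    // characters, mirroring maxlength="25" (a client-side attribute) in the JSP.
    // The apostrophe stays legal (O'Brien), so this complements bound query
    // parameters and does not replace them.
    private static final Pattern NAME = Pattern.compile("\\p{L}[\\p{L} .'-]{0,24}");

    @Override
    public boolean supports(Class<?> clazz) {
        return UserRegBean.class.isAssignableFrom(clazz);
    }

    @Override
    public void validate(Object target, Errors errors) {
        UserRegBean bean = (UserRegBean) target;
        String reason = rejectReason(bean.getName());
        if (reason != null) {
            errors.rejectValue("name", "name." + reason, "Invalid name");
        } else {
            bean.setName(canonical(bean.getName())); // persist exactly what was checked
        }
    }

    // NFKC folds compatibility forms (e.g. full-width letters) before matching.
    static String canonical(String raw) {
        return Normalizer.normalize(raw, Normalizer.Form.NFKC).trim();
    }

    // Returns null when the value is acceptable, otherwise a short error-code suffix.
    static String rejectReason(String raw) {
        if (raw == null || raw.trim().isEmpty()) return "required";
        String value = canonical(raw);
        if (value.codePointCount(0, value.length()) > 25) return "tooLong";
        if (!NAME.matcher(value).matches()) return "badCharacters";
        return null;
    }
}
```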
 
