Insecure JWT Verification method — OWASP Juiceshop #4
A JWT decode() method is used that only base64-decodes the token; it does not verify the signature, so neither the token's validity nor its integrity is checked. If the JWT has originated from an…
2d ago
Server-Side Request Forgery (SSRF) — OWASP Juiceshop #3
A server-side request forgery (SSRF) vulnerability allows an attacker to manipulate a request and cause the server-side application to make…
3d ago
Cross-Site Request Forgery (CSRF) — OWASP Juiceshop #2
Cross-site request forgery (also known as CSRF) allows an attacker to induce users to perform actions that they do not intend to perform…
4d ago
Arbitrary File Write via Archive Extraction (Zip Slip) — OWASP Juiceshop #1
Zip Slip is another path-traversal vulnerability; it occurs when extracting ZIP (or other archive) files without properly validating…
6d ago
Getting Started with Snyk: Configuring and Running Your First SAST Scan
Static Application Security Testing (SAST) is a crucial step in identifying security vulnerabilities early in the development lifecycle…
Mar 30
Setting Up Git for Performing SAST
Creating and setting up a GitHub repository to perform automated source-code scans, referred to as SAST (Static Application Security Testing).
Mar 26