LDAP Injection Primer for Java Developers

LDAP Injection attacks are popular due to the common use of LDAP to authenticate users. The Lightweight Directory Access Protocol (LDAP) originated in the set of OSI standards called X.500. The X.500 standards are large and heavy, and communicated over the Open Systems Interconnection (OSI) protocol stack. X.500 described the Directory Access Protocol (DAP) […]

JSP XSLT Primer for Java Developers

Extensible Stylesheet Language Transformations (XSLT) is a transformation language that ingests an XML document and transforms that document into another XML document. If an attacker can control the content of the style sheet, he/she would potentially be able to trigger remote code execution (RCE) or server-side path traversal. Fixes for JSP XSLT: Take for example […]

JSP JSTL Out Primer for Java Developers

Java Server Pages (JSP) currently can define tag definitions through the Standard Tag Library (JSTL). One of the tag functions is the ability to disable escapeXml, which could potentially be dangerous in Cross-Site Scripting attacks. By disabling escapeXml, an attacker can manipulate an XML document which is reflected within a client browser and inject HTML and/or […]

JSP Spring Eval Primer for Java Developers

Spring can specify functionality within a Java Server Page (JSP) to inject into the eval tag an expression to be executed at render time. If the expression can be wholly or partially controlled by user input, an attacker could inject dynamic values to inject code to be executed when the page is rendered on the server. […]

JSP Include Primer for Java Developers

Java Server Pages (JSP) allows the ability to include dynamic values within its file definition to be rendered by the server at runtime. A feature of JSP pages is to have the ability to include files via the jsp:include or c:import tag. If the tag is rendered on the server with an unvalidated user input […]

Insecure Data Storage Primer for Java Developers

Insecure data storage is when files can be identified and contain plain text or encoded credentials. These credentials include usernames, passwords, private encryption keys, and other potentially sensitive data that can be leveraged to obtain unauthorized application access. Depending on the nature of the embedded data, these secrets can be used to obtain access to […]

Insecure Crypto Primer for Java Developers

Insecure Cryptography is a general vulnerability in which the encryption algorithm chosen for use cases such as authentication, integrity checks, and signature verification is weak and susceptible to attacks. Typical attacks exploit the algorithm's collision characteristics, i.e. the ability of the attacker to control/predict what the algorithm produces for two different data inputs. If an attacker […]

Information Leakage Primer for Java Developers

Information leakage is a weakness where an application reveals sensitive information such as technical details, environment details, or user-specific data. Sensitive data may be used by an attacker to plan out more refined attacks against the application. Resources, such as files and directories, may be inadvertently exposed through mechanisms such as insecure permissions, or when […]

HTTP Header Injection Primer for Java Developers

Hypertext Transfer Protocol (HTTP) header injection can only occur when user-supplied unsanitized data is copied into a response header. If an attacker can inject a carriage return and line feed (CRLF) into the response header, they can add new HTTP headers and/or any arbitrary content into the application’s response. This can lead to a large […]