AWS logo
Amazon QDetector LibrarySign in to Amazon Q
AWSbreadcrumb dividerDocumentationbreadcrumb dividerAmazon Qbreadcrumb dividerDetector Librarybreadcrumb dividerScalabreadcrumb dividerTagsbreadcrumb dividerTag: configurationFeedbackFeedback icon

Q

Detector Library

Scala detectors (28/28)

Improper Neutralization of Special Elements in Data QueryAvoid Persistent CookiesImproper AuthenticationArgument InjectionInsecure host name verifierInsecure CryptographyTemplate InjectionUntrusted data in http sessionInsecure servlet handlingInsecure connection using unencrypted protocolDeserialization of Untrusted DataInsecure servlet handlingUse of Insufficiently Random ValuesInsecure cookieUse Of RSA AlgorithmPath TraversalURL redirection to untrusted siteImproper Validation Of Array IndexInsufficient Protected CredentialsInsecure jax endpoint usageXML External EntityInsecure CORS policyExternal Access to Files or DirectoriesIncorrect Certificate Hostname VerificationImproper privilege managementCross-site scriptingImproper Certificate ValidationDisabled HTML autoescape

Tag: configuration

Untrusted data in http session

User input in setAttribute could lead to trust boundary violation.

Insecure CORS policy

Cross-origin resource sharing policies that are too permissive could lead to security vulnerabilities.