Veracode issue in JSP - Insertion of Sensitive Information Into Sent Data (CWE ID 201)

Following is the piece of code

<jsp:useBean id="test1" scope="session" class="java.lang.String" />

<%=test1%>

In the line "<%=test1%>" I am getting the Veracode issue. How do I fix the issue?

I tried to fix it with the code below; it is showing another issue, "Improper Handling of Invalid Use of Special Elements (CWE ID 159)":

<%= ESAPI.encoder().encodeForHTML(test1) %>



Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow
