Remote OS Command Execution | User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. | 3 | test/protractor/runProtractor.js
Remote OS Command Execution | User controlled data in 'child_process.exec()' can result in Remote OS Command Execution. | 4 | test/protractor/_run.js
Accept Self Signed Certificates | Setting 'NODE_TLS_REJECT_UNAUTHORIZED' to 0 will allow node server to accept self signed certificates and is not a secure behaviour. | 9 | test/specs/e2e/proxy/e2e.proxy.secure.js
Server Side Injection(SSI) - setInterval() | User controlled data in 'setInterval()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). | 52 | test/specs/e2e/proxy/e2e.proxy.error.js
Accept Self Signed Certificates | Setting 'NODE_TLS_REJECT_UNAUTHORIZED' to 0 will allow node server to accept self signed certificates and is not a secure behaviour. | 9 | test/specs/e2e/server/e2e.server.secure.custom.js
Accept Self Signed Certificates | Setting 'NODE_TLS_REJECT_UNAUTHORIZED' to 0 will allow node server to accept self signed certificates and is not a secure behaviour. | 8 | test/specs/e2e/server/e2e.server.secure.js
Accept Self Signed Certificates | Setting 'NODE_TLS_REJECT_UNAUTHORIZED' to 0 will allow node server to accept self signed certificates and is not a secure behaviour. | 9 | test/specs/e2e/server/e2e.server.secure.pfx.js
SSRF - Server Side Request Forgery | User controlled data in 'request()' can result in Server Side Request Forgery (SSRF). | 4 | test/specs/http-protocol/http.reload.js
Server Side Injection(SSI) - setTimeout() | User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). | 17 | test/specs/api/watch.js
Accept Self Signed Certificates | Setting 'NODE_TLS_REJECT_UNAUTHORIZED' to 0 will allow node server to accept self signed certificates and is not a secure behaviour. | 73 | test/specs/commands/reload.js
Server Side Injection(SSI) - setTimeout() | User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). | 21 | examples/server.latency.js
Server Side Injection(SSI) - setTimeout() | User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). | 636 | lib/browser-sync.js
Server Side Injection(SSI) - setTimeout() | User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). | 1 | lib/public/socket.io.js
Server Side Injection(SSI) - setTimeout() | User controlled data in 'setTimeout()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). | 2 | lib/public/socket.io.js
Server Side Injection(SSI) - new Function() | User controlled data in 'new Function()' can result in Server Side Injection (SSI) or Remote Code Execution (RCE). | 3 | lib/public/socket.io.js