Update cxaction.yml

[apcxtest]

No description provided.

[github-actions]

Checkmarx One – Scan Summary & Details – f04e0735-3a23-4230-b1ca-971fe5982a0f

New Issues (115)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	SQL_Injection	/OrdersGrid.cs: 229	details The application's Orders_CreateDataSource method executes an SQL query with Fill, at line 304 of /OrdersGrid.cs. The application constructs this SQ... Attack Vector
	SQL_Injection	/MembersGrid.cs: 219	details The application's Members_CreateDataSource method executes an SQL query with Fill, at line 287 of /MembersGrid.cs. The application constructs this ... Attack Vector
	SQL_Injection	/MembersGrid.cs: 219	details The application's Members_CreateDataSource method executes an SQL query with Fill, at line 287 of /MembersGrid.cs. The application constructs this ... Attack Vector
	SQL_Injection	/MembersInfo.cs: 311	details The application's Orders_CreateDataSource method executes an SQL query with Fill, at line 371 of /MembersInfo.cs. The application constructs this S... Attack Vector
	SQL_Injection	/ShoppingCartRecord.cs: 164	details The application's ShoppingCartRecord_Show method executes an SQL query with Fill, at line 173 of /ShoppingCartRecord.cs. The application constructs... Attack Vector
	SQL_Injection	/OrdersGrid.cs: 229	details The application's Orders_CreateDataSource method executes an SQL query with Fill, at line 304 of /OrdersGrid.cs. The application constructs this SQ... Attack Vector
	SQL_Injection	/CategoriesGrid.cs: 171	details The application's Categories_CreateDataSource method executes an SQL query with Fill, at line 215 of /CategoriesGrid.cs. The application constructs... Attack Vector
	SQL_Injection	/CategoriesGrid.cs: 171	details The application's Categories_CreateDataSource method executes an SQL query with Fill, at line 215 of /CategoriesGrid.cs. The application constructs... Attack Vector
	SQL_Injection	/CardTypesGrid.cs: 169	details The application's CardTypes_CreateDataSource method executes an SQL query with Fill, at line 204 of /CardTypesGrid.cs. The application constructs t... Attack Vector
	SQL_Injection	/CardTypesGrid.cs: 169	details The application's CardTypes_CreateDataSource method executes an SQL query with Fill, at line 204 of /CardTypesGrid.cs. The application constructs t... Attack Vector
	SQL_Injection	/MembersRecord.cs: 168	details The application's Members_Show method executes an SQL query with Fill, at line 177 of /MembersRecord.cs. The application constructs this SQL query ... Attack Vector
	SQL_Injection	/EditorialsRecord.cs: 167	details The application's editorials_Show method executes an SQL query with Fill, at line 176 of /EditorialsRecord.cs. The application constructs this SQL ... Attack Vector
	SQL_Injection	/OrdersRecord.cs: 167	details The application's Orders_Show method executes an SQL query with Fill, at line 176 of /OrdersRecord.cs. The application constructs this SQL query by... Attack Vector
	SQL_Injection	/test3folder/BookMaint.cs: 166	details The application's Book_Show method executes an SQL query with Fill, at line 175 of /test3folder/BookMaint.cs. The application constructs this SQL q... Attack Vector
	SQL_Injection	/EditorialCatRecord.cs: 165	details The application's editorial_categories_Show method executes an SQL query with Fill, at line 174 of /EditorialCatRecord.cs. The application construc... Attack Vector
	SQL_Injection	/CardTypesRecord.cs: 165	details The application's CardTypes_Show method executes an SQL query with Fill, at line 174 of /CardTypesRecord.cs. The application constructs this SQL qu... Attack Vector
	SQL_Injection	/CategoriesRecord.cs: 165	details The application's Categories_Show method executes an SQL query with Fill, at line 174 of /CategoriesRecord.cs. The application constructs this SQL ... Attack Vector
	SQL_Injection	/MembersInfo.cs: 311	details The application's Orders_CreateDataSource method executes an SQL query with Fill, at line 371 of /MembersInfo.cs. The application constructs this S... Attack Vector
	SQL_Injection	/MembersInfo.cs: 173	details The application's Record_Show method executes an SQL query with Fill, at line 182 of /MembersInfo.cs. The application constructs this SQL query by ... Attack Vector
	SQL_Injection	/EditorialsGrid.cs: 171	details The application's editorials_CreateDataSource method executes an SQL query with Fill, at line 222 of /EditorialsGrid.cs. The application constructs... Attack Vector
	SQL_Injection	/EditorialsGrid.cs: 171	details The application's editorials_CreateDataSource method executes an SQL query with Fill, at line 222 of /EditorialsGrid.cs. The application constructs... Attack Vector
	SQL_Injection	/EditorialCatGrid.cs: 171	details The application's editorial_categories_CreateDataSource method executes an SQL query with Fill, at line 215 of /EditorialCatGrid.cs. The applicatio... Attack Vector
	SQL_Injection	/EditorialCatGrid.cs: 171	details The application's editorial_categories_CreateDataSource method executes an SQL query with Fill, at line 215 of /EditorialCatGrid.cs. The applicatio... Attack Vector
	SQL_Injection	/BookDetail.cs: 314	details The application's Order_Show method executes an SQL query with Fill, at line 323 of /BookDetail.cs. The application constructs this SQL query by em... Attack Vector
	SQL_Injection	/BookDetail.cs: 468	details The application's Rating_Show method executes an SQL query with Fill, at line 477 of /BookDetail.cs. The application constructs this SQL query by e... Attack Vector
	SQL_Injection	/BookDetail.cs: 179	details The application's Detail_Show method executes an SQL query with Fill, at line 188 of /BookDetail.cs. The application constructs this SQL query by e... Attack Vector
	SQL_Injection	/MembersGrid.cs: 219	details The application's Members_CreateDataSource method executes an SQL query with ExecuteScalar, at line 289 of /MembersGrid.cs. The application constru... Attack Vector
	SQL_Injection	/MembersGrid.cs: 219	details The application's Members_CreateDataSource method executes an SQL query with ExecuteScalar, at line 289 of /MembersGrid.cs. The application constru... Attack Vector
	SQL_Injection	/BookDetail.cs: 579	details The application's Rating_update_Click method executes an SQL query with ExecuteNonQuery, at line 584 of /BookDetail.cs. The application constructs ... Attack Vector
	SQL_Injection	/BookDetail.cs: 579	details The application's Rating_update_Click method executes an SQL query with ExecuteNonQuery, at line 584 of /BookDetail.cs. The application constructs ... Attack Vector
	SQL_Injection	/OrdersGrid.cs: 229	details The application's Orders_CreateDataSource method executes an SQL query with ExecuteScalar, at line 306 of /OrdersGrid.cs. The application construct... Attack Vector
	SQL_Injection	/ShoppingCartRecord.cs: 245	details The application's ShoppingCartRecord_update_Click method executes an SQL query with ExecuteNonQuery, at line 265 of /ShoppingCartRecord.cs. The app... Attack Vector
	SQL_Injection	/MyInfo.cs: 262	details The application's Form_update_Click method executes an SQL query with ExecuteNonQuery, at line 289 of /MyInfo.cs. The application constructs this S... Attack Vector
	SQL_Injection	/CategoriesRecord.cs: 271	details The application's Categories_update_Click method executes an SQL query with ExecuteNonQuery, at line 290 of /CategoriesRecord.cs. The application c... Attack Vector
	SQL_Injection	/CardTypesRecord.cs: 271	details The application's CardTypes_update_Click method executes an SQL query with ExecuteNonQuery, at line 290 of /CardTypesRecord.cs. The application con... Attack Vector
	SQL_Injection	/EditorialCatRecord.cs: 271	details The application's editorial_categories_update_Click method executes an SQL query with ExecuteNonQuery, at line 290 of /EditorialCatRecord.cs. The a... Attack Vector
	SQL_Injection	/ShoppingCartRecord.cs: 285	details The application's ShoppingCartRecord_delete_Click method executes an SQL query with ExecuteNonQuery, at line 295 of /ShoppingCartRecord.cs. The app... Attack Vector
	SQL_Injection	/EditorialsRecord.cs: 299	details The application's editorials_update_Click method executes an SQL query with ExecuteNonQuery, at line 321 of /EditorialsRecord.cs. The application c... Attack Vector
	SQL_Injection	/OrdersRecord.cs: 305	details The application's Orders_update_Click method executes an SQL query with ExecuteNonQuery, at line 326 of /OrdersRecord.cs. The application construct... Attack Vector
	SQL_Injection	/CategoriesRecord.cs: 310	details The application's Categories_delete_Click method executes an SQL query with ExecuteNonQuery, at line 320 of /CategoriesRecord.cs. The application c... Attack Vector
	SQL_Injection	/CardTypesRecord.cs: 310	details The application's CardTypes_delete_Click method executes an SQL query with ExecuteNonQuery, at line 320 of /CardTypesRecord.cs. The application con... Attack Vector

More results are available on the CxOne platform

Fixed Issues (19)

Great job! The following issues were fixed in this Pull Request

Severity	Issue	Source File / Package
	Missing_HSTS_Header	/test1folder/AdminBooks.aspx: 1
	Improper_Exception_Handling	/test3folder/Books.cs: 531
	Improper_Exception_Handling	/test3folder/Books.cs: 294
	Improper_Exception_Handling	/test3folder/BookMaint.cs: 175
	Improper_Exception_Handling	/test1folder/AdminBooks.cs: 307
	Improper_Exception_Handling	/test3folder/Books.cs: 296
	Improper_Exception_Handling	/test1folder/AdminBooks.cs: 309
	Improper_Resource_Shutdown_or_Release	/test3folder/Books.cs: 295
	Improper_Resource_Shutdown_or_Release	/test3folder/BookMaint.cs: 282
	Improper_Resource_Shutdown_or_Release	/test3folder/Books.cs: 291
	Improper_Resource_Shutdown_or_Release	/test3folder/BookMaint.cs: 171
	Improper_Resource_Shutdown_or_Release	/test1folder/AdminBooks.cs: 304
	Improper_Resource_Shutdown_or_Release	/test1folder/AdminBooks.cs: 308
	Improper_Resource_Shutdown_or_Release	/test3folder/BookMaint.cs: 368
	Improper_Resource_Shutdown_or_Release	/test3folder/Books.cs: 528
	Improper_Resource_Shutdown_or_Release	/test3folder/BookMaint.cs: 338
	Missing_Content_Security_Policy	/test1folder/AdminBooks.aspx: 1
	Missing_X_Frame_Options	/test1folder/AdminBooks.aspx: 1
	Potential_Clickjacking_on_Legacy_Browsers	/test1folder/AdminBooks.aspx: 1