Automate your code reviews!
Codacy is 100% free for open source projects.
Get started for free!
Last updated: 2019-02-18T01:19:47.746Z
Authentication is present in almost all web applications nowadays.
Command injection is an attack in which the goal is execution of arbitrary commands on the host operating system.
Cryptography is a security technique widely used and there are several cryptographic functions, but not all of them are secure.
An attacker may use special paths to access files that should not be accessible.
HTTP headers are a common attack vector for malign users.
Input not validated may originate SQL Injection attacks for instance.
Consider possible security implications associated with some modules.
Other language specific security issues.
You need to enable the following patterns for this category to be verified
A SQL injection attack consists of insertion or 'injection' of a SQL query via the input data from the client to the application.
Simply using SSL isn't enough to ensure the data you are sending is secure. Man in the middle attacks are well known and widely used.
XSS enables attackers to inject client-side scripts into web pages viewed by other users.