[ https://issues.apache.org/jira/browse/FINERACT-853?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17081262#comment-17081262 ]
Michael Vorburger commented on FINERACT-853:
--------------------------------------------
[https://github.com/apache/fineract/pull/749] had a go at this, and identified
FINERACT-879, which must be fixed before we can enable this.
I was actually surprised that it found ONLY that CORS problem, because I
expected (hoped!) it would also point out some SQL Injection (due to String
concatenation, see FINERACT-854) related problems. It would be great if whoever
wants to work on this would investigate why it hasn't found those issues.
> Use find-sec-bugs SpotBugs plugin to detect SQL injection issues (and other
> security related problems)
> ------------------------------------------------------------------------------------------------------
>
> Key: FINERACT-853
> URL: https://issues.apache.org/jira/browse/FINERACT-853
> Project: Apache Fineract
> Issue Type: Improvement
> Reporter: Michael Vorburger
> Priority: Major
> Labels: beginner, starter
>
> Similarly to FINERACT-696, it could be interesting to integrate
> https://find-sec-bugs.github.io.