[CORE-402] Fix Veracode identified Security flaws in i2b2 Server-Side Code - i2b2 JIRA

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.7.13
Component/s: None
Labels:
None

Description

Veracode security report 8/2020- , recommendation to fix i2b2-code to fix High Security flaws to be policy compliant
Module Name Compiler Operating Environment
i2b2.war JAVAC_8 Java J2SE 8
i2b2.war_htmljscode.veracodegen.htmla.js JAVASCRIPT_5_1 JavaScript

Module Location
i2b2.war /axis2-web/HappyAxis.jsp 453
i2b2.war/Ontology.a ar edu/.../dao/ConceptDao.java 1028
i2b2.war/Ontology.a ar .../CreateConceptXmlDao.java 151
i2b2.war/Workplace. aar edu/.../dao/FolderDao.java 851
i2b2.war/Workplace. aar edu/.../dao/FolderDao.java 854
i2b2.war/Workplace. aar edu/.../dao/FolderDao.java 1621
i2b2.war/CRC.aar .../QueryResultEncounterSetGenerator.ja va 113
i2b2.war/CRC.aar .../QueryResultGenerator.java 196
i2b2.war/CRC.aar .../QueryResultPatientAgeCountGenerat or.java 103
i2b2.war/CRC.aar .../QueryResultPatientGenderCountGene rator.java 68
i2b2.war/CRC.aar .../QueryResultPatientRaceCdCountGen erator.java 68
i2b2.war/CRC.aar .../QueryResultPatientSetGenerator.java 96
i2b2.war/CRC.aar .../QueryResultPatientSQLCountGenerat or.java 153
i2b2.war/CRC.aar .../QueryResultPatientSQLCountGenerat or.java 169
i2b2.war/CRC.aar .../QueryResultPatientVitalCdCountGene rator.java 69
i2b2.war/CRC.aar .../QueryResultTypeSpringDao.java 114

Attachments

Activity

Jeffrey Klann added a comment - 04/May/22 9:14 PM

Todo: add a bit more documentation on what we fixed.

Jeffrey Klann added a comment - 04/May/22 9:14 PM Todo: add a bit more documentation on what we fixed.

People

Assignee:: Mike Mendis

Reporter:: Reeta Metta

Participant/s:: Jeffrey Klann, Mike Mendis, Reeta Metta

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 02/Feb/21 2:09 PM

Updated:: 04/May/22 9:14 PM

Resolved:: 04/May/22 9:14 PM

i2b2 Core Software