Scala : Usage of untrusted proxy

Classification

OWASP Top 10 2021

A4-Insecure Design

PCI DSS 4.0

6.2.4

CWE

CWE-15 CWE-642

Overview

The application uses an untrusted proxy server. An attacker can modify the proxy server address and can intercept the traffic (the man-in-the-middle attack).

References

CWE-15: External Control of System or Configuration Setting
OWASP: Setting Manipulation
Man-in-the-middle attack - Wikipedia

MEDIUM

Scala : Usage of untrusted proxy

Classification

Overview

References

DerScanner Severity Score

Do you want to fix Scala : Usage of untrusted proxy in your application?

See also

Scala : Unreleased resource stream

Scala : Multiple loggers in same class

Scala : Insufficient encryption key length