java, veracode, crlf-vulnerability

Improper Neutralization of CRLF Sequences ('CRLF Injection') (CWE ID 93)


In the Veracode report I am getting error CWE 93 in some of the Java files. In an instance of the static scan, some of the code is:

    MimeMessage msg = new MimeMessage(session);
    msg.setFrom(new InternetAddress(msmtpfrom));
    msg.setRecipients(Message.RecipientType.TO, address);

How do I resolve this?

Thanks in Advance


Solution

  • Just replace the CRLF occurrences in your string variables like msmtpfrom, address with empty string (""). Have a look at a similar question that has relevant answers: How to fix "Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')"
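The following is an added example, not code from the question or the answer above, showing the suggested fix applied to the JavaMail calls from the question. It assumes the javax.mail (JavaMail) API, the variable names msmtpfrom and address from the question, and a hypothetical helper class CrlfSafeMail; the InternetAddress(String, boolean strict) constructor and InternetAddress.parse(String, boolean strict) are real JavaMail methods. It goes one step beyond the answer by pairing the strip-CRLF cleanser with a reject-on-CRLF variant and strict address parsing, so a value that carried a CR/LF cannot silently turn into a different-looking but accepted header.

```java
import java.util.Properties;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.Session;
import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;

// Hypothetical helper class (added example, not part of the original post).
public class CrlfSafeMail {

    // Cleanser suggested in the answer: remove every CR and LF from a header value.
    // This neutralizes the CWE-93 pattern because a header can only be terminated
    // (and a new one injected) by a CRLF sequence.
    static String stripCrlf(String value) {
        if (value == null) {
            return null;
        }
        return value.replace("\r", "").replace("\n", "");
    }

    // Stricter variant: refuse the value instead of quietly rewriting it.
    // Preferable where the caller can report a validation error back to the user.
    static String requireNoCrlf(String value, String fieldName) {
        if (value != null && (value.indexOf('\r') >= 0 || value.indexOf('\n') >= 0)) {
            throw new IllegalArgumentException(fieldName + " must not contain CR or LF characters");
        }
        return value;
    }

    // Same three calls as in the question, with every externally supplied value
    // passed through the cleanser before it reaches a MIME header.
    static MimeMessage buildMessage(Session session, String msmtpfrom, String address, String subject)
            throws MessagingException {
        MimeMessage msg = new MimeMessage(session);
        // strict=true makes InternetAddress validate the address syntax and throw
        // AddressException on anything that is not a well-formed RFC 822 address.
        msg.setFrom(new InternetAddress(stripCrlf(msmtpfrom), true));
        InternetAddress[] to = InternetAddress.parse(stripCrlf(address), true);
        msg.setRecipients(Message.RecipientType.TO, to);
        // Subject is a header too, so it gets the same treatment.
        msg.setSubject(stripCrlf(subject));
        return msg;
    }

    public static void main(String[] args) {
        Session session = Session.getInstance(new Properties());

        // Constructed sample inputs: a clean address and one carrying a CRLF sequence.
        String cleanFrom = "sender@example.com";
        String taintedTo = "user@example.com\r\nX-Extra: injected";

        // Cleanser path: the CR/LF pair is removed before the value reaches the header,
        // and strict parsing then decides whether what is left is a valid address.
        try {
            MimeMessage msg = buildMessage(session, cleanFrom, taintedTo, "status report");
            System.out.println("Message built; To header: " + msg.getHeader("To", ","));
        } catch (AddressException e) {
            System.out.println("Rejected by strict address parsing: " + e.getMessage());
        } catch (MessagingException e) {
            System.out.println("Messaging error: " + e.getMessage());
        }

        // Reject path: the same tainted value is refused outright.
        try {
            requireNoCrlf(taintedTo, "address");
        } catch (IllegalArgumentException e) {
            System.out.println("Validation error: " + e.getMessage());
        }
    }
}
```

Which of the two helpers to use depends on where the value comes from: for values typed by a user, rejecting with a clear error is usually better than stripping, because stripping joins the pieces on either side of the CRLF into one string that may still look plausible. Whichever you choose, apply it to every string that ends up in a header (From, To, Cc, Subject, Reply-To), not only the two lines the scanner happened to flag.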