I've used Laravel Fortify to write some authentication for my app and I've setup the enable part of the 2FA, and that all works fine, but the problem I'm having is that it doesn't seem to trigger t...

i'm have a router register but i found error Target [Laravel\Fortify\Contracts\RegisterViewResponse] is not instantiable.

I'm currently using HP Fortify tool to scan for security vulnerabilities in a project. At the time of scanning Fortify's CLI allows build tools to integrate into its CLI commands so as to build and...

I have multiple projects bound by a single parent pom. If i run fortify scan on parent pom using Maven fortify plugin, fpr files for each project is generated. I would like to have a single fpr fi...

The below simple java code getting Fortify Path Manipulation error. Please help me to resolve this. I am struggling from long time. public class Test { public static void main(String[] args) { F...

I'm having a problem related to 429 TOO MANY REQUESTS. I have used Laravel fortify and my web route is like Route::get('/', function () { return view('welcome'); }); Route::get('/dashboard','Dash...

Have springboot project in which wanted to either exclude snakeyaml 1.30 or upgrade it 1.31 inorder to avoid fortify issue reporting with snakeyaml 1.30 version there is security vulnerability <...

I'm trying to get laravel's implemented email verification system working (https://laravel.com/docs/8.x/verification). What i did so far: Enabled the Feature emailVerification in the file config/f...

I have this Controller in Java: @Controller public class AuthenticationController extends AbstractController { @RequestMapping(value = Constantes.MAPPING_AUTH_BASE_ASP, method = { RequestMethod....

Based on Fortify (static code analyzer by HP) report, apparently the following lines of pom.xml is vulnerability: <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.or...

I want to see the specific rules of Fortify Secure Coding Rules (the rules that Fortify uses by default), because I want to write a report about all rules that are used by Fortify: I have tried t...

In Laravel fortify on customization authentication process, i can not able to redirect to login page with error message which we were able to do in Auth. Here is the customization documentation lin...

I am using Fortify SCA to find the security issues in my application (as a university homework). I have encountered some 'Log Forging' issues which I am not able to get rid off. Basically, I log s...

In using laravel 8 with fortify so I don have App\Http\Controllers\Auth\RegisterController Thanks in advance

I used reflection to invoke a private constructor of a class in order to solve insufficient branch coverage issue shown by sonar scan report. This is the snippet of my code I was working: // refle...

Here in my javascript function im using location.href as follows location.href = "../Floder1/result.jsp"; it is working fine but when i used fortify tool it is showing Cross-site Scripting which ...

Has anyone used command line to run fortify? I tryin to incorporate fortify run in my CI build and I dont know how to do it.

Can someone tell me what is the difference between SonarQube and Fortify? Both are static code analysis tool. I found out Fortify is more inclined towards security as it gives information abo...

I encounter a problem. we use Spring MVC framework in my Project,but Spring MVC default Controller is Singleton Model. I change Controller use @Scope("session") by session to avoid race Condition p...

When I scan using Fortify I have vulnerabilities like "Often Misused: Authentication" in the code below. Is there any fix for this issue? I have seen related posts but I was not able to g...

When I do scan using fortify tool, I got some issues under "XML External Entity Injection". TransformerFactory trfactory = TransformerFactory.newInstance(); This is the place where it is showi...

I am getting SUBSCRIPTION_JSON from client which I am converting it to String and then setting it to Model Object using gson library. On running the code on Fortify security, It is giving me Json i...

In my code, I am calling getObject() method from an ObjectMessage object received from a JMS queue. Fortify report is complaining about this getObject() method with an error name like this Dynamic ...

I have a Spring Boot controller that works fine and has the following declaration: @RestController @RequestMapping("/api/our") @PreAuthorize(value = "hasRole('ROLE_USER')") @Api(value="our", produ...

I scanned with HP Fortify SCA 4.10 . Now I would like to export the raw results into Excel format to do data massaging to generate pivot tables. Can anybody suggest a easy or hard way to do it.