|
|
|
func checkUserQuery(username, pass string) *UserData { |
|
/* this function will check rows num which return from query */ |
|
db, err := database.Connect() |
|
if err != nil { |
|
log.Println(err.Error()) |
|
} |
|
|
|
var uData = UserData{} //inisialize empty userdata |
|
|
|
const ( |
Filename: source-code/user/user.go
Line: 138
CWE: 209 (Information Exposure Through an Error Message)
The application calls the log::Println() function, which may expose information about the application logic or other details such as the names and versions of the application container and associated components. This information can be useful in executing other attacks and can also enable the attacker to target known vulnerabilities in application components. The first argument to Println() contains data from an error message (possibly containing untrusted data). The data from an error message (possibly containing untrusted data) originated from an earlier call to error.Error. Ensure that error codes or other messages returned to end users are not overly verbose. Sanitize all messages of any sensitive information that is not absolutely necessary. References: CWE/nDon't know how to fix this? Don't know why this was reported?
Get Assistance from Veracode
govwanew//user/user.go
Lines 133 to 143 in 2729495
Filename: source-code/user/user.go
Line: 138
CWE: 209 (Information Exposure Through an Error Message)
The application calls the log::Println() function, which may expose information about the application logic or other details such as the names and versions of the application container and associated components. This information can be useful in executing other attacks and can also enable the attacker to target known vulnerabilities in application components. The first argument to Println() contains data from an error message (possibly containing untrusted data). The data from an error message (possibly containing untrusted data) originated from an earlier call to error.Error. Ensure that error codes or other messages returned to end users are not overly verbose. Sanitize all messages of any sensitive information that is not absolutely necessary. References: CWE/nDon't know how to fix this? Don't know why this was reported?
Get Assistance from Veracode