Update UserController.java

[sa-ny]

No description provided.

[github-actions]

Caution

Breaking Flaws identified in code!

Fixes for test/src/main/java/com/veracode/verademo/controller/UserController.java:
Falws found for this file:
CWE 117 - Improper Output Neutralization for Logs - Severity 3 on line 47 for issue 1086

Fix suggestions:

--- test/src/main/java/com/veracode/verademo/controller/UserController.java
+++ test/src/main/java/com/veracode/verademo/controller/UserController.java
@@ -11,6 +11,7 @@
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
+import org.apache.commons.text.StringEscapeUtils;
 
 /**
  * @author johnadmin
@@ -44,7 +45,7 @@
 		}
 		//...
 
-		logger.info("Entering showLogin with username " + username + " and target " + target);
+		logger.info("Entering showLogin with username " + StringEscapeUtils.escapeJava(username) + " and target " + target);
 
 		model.addAttribute("username", username);
 		model.addAttribute("target", target);

[github-actions]

Caution

Breaking Flaws identified in code!

Fixes for test/src/main/java/com/veracode/verademo/controller/UserController.java:
Falws found for this file:
CWE 117 - Improper Output Neutralization for Logs - Severity 3 on line 48 for issue 1086

Fix suggestions:

--- test/src/main/java/com/veracode/verademo/controller/UserController.java
+++ test/src/main/java/com/veracode/verademo/controller/UserController.java
@@ -45,7 +45,7 @@
 		}
 		//...
 
-		logger.info("Entering showLogin with username " + StringEscapeUtils.escapeJava(username) + " and target " + target);
+		logger.info("Entering showLogin with username " + StringEscapeUtils.escapeJava(StringEscapeUtils.escapeJava(username)) + " and target " + target);
 
 		model.addAttribute("username", username);
 		model.addAttribute("target", target);