[C#] CWE-348: Use of less trusted source

### Query PR

https://github.com/github/codeql/pull/9339

### Language

C#

### CVE(s) ID list

- CVE-20nn-nnnnn

### CWE

CWE-348

### Report

If an application trusts an HTTP request header like `X-Forwarded-For` to accurately specify the remote IP address of the connecting client.

## Result(s) 
_Provide at least one useful result found by your query, on some revision of a real project._
* [amo-com/lib-dotnet](https://github.com/amo-com/lib-dotnet) : [source](https://github.com/amo-com/lib-dotnet/blob/7cbe93da75852d8c8df3b8cfcaa99c8925897c01/src/Amo.Lib/CoreApi/Common/RequestManager.cs#L22) -> [sink](https://github.com/amo-com/lib-dotnet/blob/7cbe93da75852d8c8df3b8cfcaa99c8925897c01/src/Amo.Lib/Lib/Common/IpUtils.cs#L103)
* [joshualzb/LT.Component](https://github.com/joshualzb/LT.Component) : [source](https://github.com/joshualzb/LT.Component/blob/aac482b4ba37627eb93d1c1fcacb6addf7065802/LT.Component/Web/IP.cs#L17) -> [sink](https://github.com/joshualzb/LT.Component/blob/aac482b4ba37627eb93d1c1fcacb6addf7065802/LT.Component/Web/IP.cs#L33)

### Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).

- [X] Yes
- [ ] No

### Blog post link

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[C#] CWE-348: Use of less trusted source #683

Query PR

Language

CVE(s) ID list

CWE

Report

Result(s)

Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).

Blog post link

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

[C#] CWE-348: Use of less trusted source #683

Description

Query PR

Language

CVE(s) ID list

CWE

Report

Result(s)

Are you planning to discuss this vulnerability submission publicly? (Blog Post, social networks, etc).

Blog post link

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions