Hello, I have a few CheckMarx issues. All of them are about user input data. I am not allowed to change those functionalities - it should be that way, the user should be able to write a login username and password and browse to select a folder to use. The folder could be anywhere. The issues that I have on CheckMarx are about Code Injection and Path Traversal.
I have searched online and I saw the options for parametrization and using whitelist but it's not possible in my case because we don't have restrictions for the password and the username as well as which folder, from which disk and etc. to be selected.
Any idea how to resolve those issues?