Audit required: Switch to a better crypto algorithmCS-A1002
One or more crypto algorithms such as TripleDESCryptoServiceProvider, DESCryptoServiceProvider, and RC2CryptoServiceProvider are being used by your application. These algorithms are marked as obsolete and are no longer recommended. Please consider switching to a more modern and robust algorithm instead. Please check out the reference for some recommended algorithms.
Audit: Consider using `System.URI` instead of `string`sCS-A1000
Representing URIs as strings can prove to be a security risk as they are difficult to parse, validate and encode. It is therefore recommended that you use the more safer and reliable built-in alternative System.URI.
Audit required: Call to potentially dangerous method `DangerousGetHandle`CS-A1001
Handle returned by DangerousGetHandle can be invalidated, become stale, or be recycled when APIs such as SetHandleAsInvalid is invoked. This can lead to potential security vulnerabilities within your application. It is therefore recommended that you use this method only if you know what you're doing and absolutely require it.
Audit required: Cookie is transmitted over an insecure connectionCS-A1009
Setting Secure to false means that the cookie is allowed to be transmitted over an insecure connection. It is always recommended that you send and receive information only via a secure line.
Filesystem related permissions specified are too broadCS-S1000
It is always recommended that you grant only the minimum required permissions to the necessary user accounts rather than providing complete control to everyone. Giving full control may lead to unintended access that may put your organization and any potentially sensitive information at risk. Consider limiting the scope of the permissions.