Scanning codebase through the Checkmarx tool, I am getting "Client Side Only Validation" vulnerability, this point is raised wherever partial class is used.
Point 1:
Imports System.Data
Imports System.Data.SqlClient
Imports System.Security.Cryptography
Partial Class Frm_ChangePwd //Checkmarx points to this line as vulnerability
Inherits System.Web.UI.Page
Point 2:
Imports System.Data
Imports System.Data.SqlClient
Imports System.Security.Cryptography
Partial Class Frm_changepassword //Checkmarx points to this line as vulnerability
Inherits System.Web.UI.Page
Checkmarx also gives this detail "No server side validation was found [path to code file]\Frm_changepassword.aspx.vb file, using only client side validation is not enough as it is easy to bypass"
Checkmarx raises this issues, whenever a partial class is used, but I'm not able to understand what exactly should I do to remediate this point.
This finding shows up because Checkmarx is not seeing any server side validators in your code. To be specific, it looks for the Page.IsValid property. I suggest to add a validation check using this property:
Page.Validate()
If Page.IsValid = True Then
....
Else
....
End If