-
### Privileged issue
- [X] I'm @tiangolo or he asked me directly to create an issue here.
### Issue Content
code
```
def get_db():
    db = SessionLocal2()
    try:
        yield db
    excep…
```
-
## What problem are you trying to solve?
We want to convert a bunch of classes that used Spring field injection to constructor injection. We are willing to live with some caveats (e.g. only works …
-
As issue #2766 shows, there are still some Log4j plugin builders that don't have setters for all their configuration attributes.
Since field injection becomes more problematic in newer Java version…
-
There is an XSS injection attack possible against the hostname field of webssh. For example, if webssh is on port 443 of the local machine
```
https://localhost/?hostname=%3Cscript%3Ealert(%221%22)%3C/…
```
-
## Security Vulnerability: Client-Side Injection in Password Field
### Issue Description:
The password field currently allows the input of special characters (e.g., ``, ``), which can lead to client-…
-
(Note: this issue is opened in the context of #754 regarding modifications to the observation API of a Display Provider)
The display provider's observation API is missing some optional fields that …
-
HELLO @VesperAkshay,
### Description
**Security Vulnerability: Client-Side Injection Allowance in Password Field**
### Issue Description:
The password field currently allows the input of spec…
-
Description: The application does not sanitize its URIs or SQL queries created from user inputs, such as account creation fields, adding friends, comments, posts or editing profiles.
Potential Impact…
-
## Proposal
Field injection via `@Autowired` is not recommended as it has some drawbacks and can cause unexpected behaviour (IntelliJ shows a warning message _Field injection is not recommended_). …