Githubuser60 / famed-demo


Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. Instead, use 'resp.render()' to render safely escaped HTML. #22

Open get-famed[bot] opened 1 year ago

get-famed[bot] commented 1 year ago

🦸‍♀️ Famed Scanner

Description

Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. Instead, use 'resp.render()' to render safely escaped HTML.

Related files

inject.js

This issue was created by famed 🤖

get-famed[bot] commented 1 year ago

🤖 Assignees for issue Detected directly writing to a Response object from user-defined input. This bypasses any HTML escaping and may expose your application to a Cross-Site-scripting (XSS) vulnerability. Instead, use 'resp.render()' to render safely escaped HTML. #22 are now eligible to Get Famed.

❌ Add assignees to track contribution times of the issue πŸ¦Έβ€β™€οΈπŸ¦ΉοΈ βœ… Add a single severity (CVSS) label to compute the score 🏷️️

Happy hacking! 🦾💙❤️