OtherDevOpsGene / zap-sonar-plugin

Integrates OWASP Zed Attack Proxy reports into SonarQube
GNU General Public License v3.0
69 stars 29 forks

Incorporate page #67

Closed OtherDevOpsGene closed 3 years ago

OtherDevOpsGene commented 3 years ago

Incorporated https://github.com/pangyiwei/zap-sonar-plugin/tree/zap-html-report-page with updated packages

ghost commented 3 years ago

DeepCode's analysis on #6cb6de found:

- Unsanitized input from the request URL flows into `end`, where it is used to render an HTML page returned to the user. This may result in a Cross-Site Scripting attack (XSS).
- No catch method for promise. This may result in an unhandled promise rejection.
- Logger calls should be surrounded by log level guards.