Improper Control of Generation of Code (‘Code Injection’)

Property
Language: ruby
Severity: medium
CWE: CWE-94: Improper Control of Generation of Code (‘Code Injection’)
OWASP: A03:2021 - Injection
Confidence Level: Medium
Impact Level: Medium
Likelihood Level: Medium

Description

The application passes user-supplied input (such as cookies, request parameters, or request environment values) to Ruby reflection methods like constantize or const_get. This lets an attacker choose which classes or modules are loaded or executed at runtime, creating a serious security risk.

Improper Encoding or Escaping of Output

Property
Language: regex
Severity: low
CWE: CWE-116: Improper Encoding or Escaping of Output
OWASP: A03:2021 - Injection
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Outputting user-controlled data in JSP pages using Expression Language (EL) without proper escaping can allow malicious scripts to be injected into the page. Instead, use the JSTL ‘out’ tag to ensure the output is safely escaped and not vulnerable to cross-site scripting (XSS).

Improper Encoding or Escaping of Output

Property
Language: regex
Severity: low
CWE: CWE-116: Improper Encoding or Escaping of Output
OWASP: A03:2021 - Injection
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Your JSP page is outputting data using Expression Language (EL) without escaping it, which means user-supplied input could be rendered directly into the page as HTML. This creates a risk of cross-site scripting (XSS) if any of the data comes from an untrusted source.

Improper Encoding or Escaping of Output

Property
Language: regex
Severity: low
CWE: CWE-116: Improper Encoding or Escaping of Output
OWASP: A03:2021 - Injection
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

This code uses JSP scriptlets (<% … %>) to embed Java directly in JSP files, which is an outdated practice that makes the code harder to maintain and to secure. Scriptlets make it easy to introduce security flaws, especially through improper handling of user input and unescaped output.

Improper Encoding or Escaping of Output

Property
Language: generic
Severity: low
CWE: CWE-116: Improper Encoding or Escaping of Output
OWASP: A03:2021 - Injection
Confidence Level: Low
Impact Level: Medium
Likelihood Level: Low

Description

Using the HtmlString class in ASP.NET Core MVC to render HTML without encoding untrusted input exposes your application to cross-site scripting (XSS) attacks. Any data passed to HtmlString should always be properly encoded before rendering to prevent malicious scripts from being injected.

Improper Encoding or Escaping of Output

Property
Language: javascript
Severity: low
CWE: CWE-116: Improper Encoding or Escaping of Output
OWASP: A03:2021 - Injection
Confidence Level: Low
Impact Level: Medium
Likelihood Level: Low

Description

Disabling markup escaping in Mustache templates allows untrusted user input to be rendered as raw HTML. This removes a key defense against cross-site scripting (XSS) attacks.

Impact

If markup escaping is turned off, attackers can inject malicious scripts into your application’s output. This could let them steal user data, hijack sessions, or compromise user accounts, leading to data breaches and loss of user trust.

Improper Encoding or Escaping of Output

Property
Language: javascript
Severity: low
CWE: CWE-116: Improper Encoding or Escaping of Output
OWASP: A03:2021 - Injection
Confidence Level: Low
Impact Level: Medium
Likelihood Level: Low

Description

Interpolating variables directly into HTML template literals without encoding can allow untrusted content to be rendered as HTML. This means that if the variable contains malicious code, it could be executed in the browser.

Impact

If exploited, an attacker could inject malicious scripts (XSS) into your web page, leading to data theft, session hijacking, or unauthorized actions performed on behalf of users. This can compromise user accounts and damage application trust.

Improper Encoding or Escaping of Output

Property
Language: javascript
Severity: low
CWE: CWE-116: Improper Encoding or Escaping of Output
OWASP: A03:2021 - Injection
Confidence Level: Low
Impact Level: Low
Likelihood Level: Low

Description

Calling $STR.replace with a string (rather than a global regular expression) as the first argument replaces only the first match, not every occurrence. If this call is used to sanitize or escape user input, dangerous characters later in the string remain unescaped, so the protection is incomplete.

Improper Encoding or Escaping of Output

Property
Language: python
Severity: medium
CWE: CWE-116: Improper Encoding or Escaping of Output
OWASP: A03:2021 - Injection
Confidence Level: Medium
Impact Level: Medium
Likelihood Level: Low

Description

The Jinja2 template environment is created without enabling autoescaping, which means user-supplied data rendered in templates won’t be automatically escaped. This can lead to unsafe HTML output when displaying content in a browser.

Impact

Without autoescaping, attackers could inject malicious scripts (XSS) into web pages, allowing them to steal user data, hijack sessions, or deface the site. This compromises both user security and the application’s integrity.

Improper Encoding or Escaping of Output

Property
Language: python
Severity: medium
CWE: CWE-116: Improper Encoding or Escaping of Output
OWASP: A03:2021 - Injection
Confidence Level: Medium
Impact Level: Medium
Likelihood Level: Low

Description

The Jinja2 template environment is configured with autoescaping disabled. This means that user-supplied data rendered in templates is not automatically escaped, making it unsafe for web output.

Impact

With autoescaping turned off, attackers can inject malicious scripts (XSS) into pages viewed by users, potentially leading to stolen credentials, session hijacking, or unauthorized actions performed on behalf of users. This can compromise user data and trust in your application.