Sobelow v0.10.6 Sobelow.XSS View Source

Cross-Site Scripting

Cross-Site Scripting (XSS) vulnerabilities are a result of rendering untrusted input on a page without proper encoding. XSS may allow an attacker to perform actions on behalf of other users, steal session tokens, or access private data.

Read more about XSS here: https://www.owasp.org/index.php/Cross-siteScripting(XSS)

XSS checks can be ignored with the following command:

$ mix sobelow -i XSS

Link to this section Summary

Link to this section Functions

Link to this function

get_template_vulns(meta_file) View Source

Link to this function

get_vulns(fun, meta_file, web_root, skip_mods \\ []) View Source