[Follow-up] Add experimental WebUI for short messages with session-based login #942

❌ Found 38 blocking security issues

Sourcery found 38 blocking security issues:

XMOJ.user.js:685 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:685 - User controlled data in a ToastTime.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:695 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:695 - User controlled data in a ToastBody.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:743 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:743 - User controlled data in a ToastTime.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:1622-1624 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:1622-1624 - User controlled data in a Style.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:1917 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:1917 - User controlled data in a UpdateDataCardListItem.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2269 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2269 - User controlled data in a document.getElementsByTagName("h2")[0].innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2322 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2322 - User controlled data in a problemSwitcher.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2354 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2354 - User controlled data in a document.querySelector('.mt-3 > center:nth-child(1)').innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2665 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2665 - User controlled data in a Rows[i].cells[2].innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2723 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2723 - User controlled data in a CurrentRow.cells[2].innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2725 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:2725 - User controlled data in a CurrentRow.cells[2].innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:3454 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:3454 - User controlled data in a UpdateDataCardListItem.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:3745 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:3745 - User controlled data in a UserInfoElement.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:3746 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:3746 - User controlled data in a UserInfoElement.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:4370 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:4370 - User controlled data in a Temp[i].children[1].innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:4894 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:4894 - User controlled data in a TitleLink.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:5238 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:5238 - User controlled data in a PostTitle.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:5243 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:5243 - User controlled data in a PostBoard.innerHTML is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:5393 - User controlled data in methods like innerHTML, outerHTML or document.write is an anti-pattern that can lead to XSS vulnerabilities
XMOJ.user.js:5393 - User controlled data in a ReplyContentElement.innerHTML is an anti-pattern that can lead to XSS vulnerabilities

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Follow-up] Add experimental WebUI for short messages with session-based login #942

Uh oh!

Uh oh!

[Follow-up] Add experimental WebUI for short messages with session-based login #942

Uh oh!

❌ Found 38 blocking security issues

Re-running checks...

[Follow-up] Add experimental WebUI for short messages with session-based login #942

Uh oh!

fix: add proxy mode for webui login and api calls

Uh oh!

[Follow-up] Add experimental WebUI for short messages with session-based login #942

Uh oh!

❌ Found 38 blocking security issues

Re-running checks...