org.sonar.l10n.javascript.rules.javascript.S5247.json Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of javascript-checks Show documentation

There is a newer version: 10.20.0.29356

{
  "title": "Disabling auto-escaping in template engines is security-sensitive",
  "type": "SECURITY_HOTSPOT",
  "code": {
    "impacts": {
      "SECURITY": "MEDIUM"
    },
    "attribute": "COMPLETE"
  },
  "status": "ready",
  "remediation": {
    "func": "Constant\/Issue",
    "constantCost": "5min"
  },
  "tags": [
    "cwe",
    "type-dependent"
  ],
  "defaultSeverity": "Major",
  "ruleSpecification": "RSPEC-5247",
  "sqKey": "S5247",
  "scope": "Main",
  "securityStandards": {
    "CWE": [
      79
    ],
    "OWASP": [
      "A7"
    ],
    "OWASP Top 10 2021": [
      "A3"
    ],
    "PCI DSS 3.2": [
      "6.5.7"
    ],
    "PCI DSS 4.0": [
      "6.2.4"
    ],
    "ASVS 4.0": [
      "5.3.3"
    ]
  },
  "compatibleLanguages": [
    "JAVASCRIPT",
    "TYPESCRIPT"
  ]
}