Q
Detector Library
TypeScript detectors (104/104)
Integer overflowAWS insecure transmission CDKInsecure cookieAWS credentials loggedSQL injectionInsecure connection using unencrypted protocolNew function detectedBatch request with unchecked failuresUnvalidated expansion of archive filesMissing paginationXPath injectionLogging of sensitive informationOverride of reserved variable names in a Lambda functionInsecure CORS policyImproper input validationHardcoded credentialsInvoke super appropriatelyNumeric truncation errorAvoid nan in comparisonMissing check on method outputInsufficiently protected credentialsImproper restriction of rendered UI layers or framesPseudorandom number generatorsAWS missing encryption CDKCatch and swallow exceptionHeader injectionUse {} instead of new Object()Hardcoded IP addressUntrusted Amazon Machine ImagesWeak obfuscation of web requestsFile Race BadImproper certificate validationSendfile injectionCryptographic key generatorimproper input validation cdkXML external entityTiming attackMissing Amazon S3 bucket owner conditionInsecure hashingSession fixationUse of Default Credentials CDKFile injectionImproper Restriction of Operations within the Bounds of a Memory BufferLimit request lengthLog injectionType confusionServer side request forgeryaws kmskey encryption cdkInefficient polling of AWS resourceAvoid Undefined As Variable NameIndex of method comparisonString passed to `setInterval` or `setTimeout`Data loss in a batch requestTainted input for Docker APIInsecure temporary file or directoryCheck failed records when using kinesisAWS api logging disabled cdkImproper Access Control CDKLeast privilege violationFile extension validationResource leakSet SNS Return Subscription ARNInsecure object attribute modificationMissing Authentication for Critical Function CDKTypeof expressionAWS missing encryption of sensitive data cdkUnauthenticated Amazon SNS unsubscribe requests might succeedCross-site request forgeryClient-side KMS reencryptionInsecure cryptographyDeserialization of untrusted objectClear text credentialsImproper handling of case sensitivityUnsanitized input is run as codeProtection mechanism failureUse of a deprecated methodSensitive information leakDNS prefetchingExposure of Sensitive Information CDKInsecure JWT parsingLoose file permissionsMissing Authorization CDKSensitive query stringInsufficient Logging CDKOS command injectionNoSQL injectionUnverified hostnamePath traversalOrigins-verified cross-origin communicationsLDAP injectionSNS don't bind subscribe and publishS3 partial encrypt CDKNon-literal regular expressionStack trace exposureFile and directory information exposureUsage of an API that is not recommendedLazy Load ModuleDisabled HTML autoescapeImproper access controlCross-site scriptingSensitive data stored unencrypted due to partial encryptionAWS client not reused in a Lambda functionURL redirection to untrusted siteUntrusted data in security decision
Cross-site scripting High
User-controllable input must be sanitized before it's included in output used to dynamically generate a web page. Unsanitized user input can introduce cross-side scripting (XSS) vulnerabilities that can lead to inadvertedly running malicious code in a trusted context.
Detector ID
typescript/cross-site-scripting@v1.0
Category
Noncompliant example
1function crossSiteScriptingNoncompliant() {
2 let url = window.location.search.slice(1)
3
4 // Noncompliant: unsafe jQuery ajax request.
5 $.ajax({url: url, data: "Hello"})
6}
Compliant example
1import ESAPI from 'node-esapi'
2
3function crossSiteScriptingCompliant() {
4 let url = window.location.search.slice(1)
5
6 // Compliant: url is sanitized before ajax call.
7 url = ESAPI.encoder().encodeForURL(url)
8
9 $.ajax({url: url, data: "Hello"})
10}