headless-browser

semgrep

Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.

semgrep

Remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.

semgrep

If unverified user data can reach the `phantom` page methods it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `addInitScript` method it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `setContent` method it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `evaluate` method it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `goto` method it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `setContent` method it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `wkhtmltoimage` it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `wkhtmltopdf` it can result in Server-Side Request Forgery vulnerabilities

semgrep

If unverified user data can reach the `compileScript` method it can result in Server-Side Request Forgery vulnerabilities