headless-browser
Insecure usage of the most popular headless browser APIs
Rules (19)

The remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.

The remote debugging protocol does not perform any authentication, so exposing it too widely can be a security risk.

If unverified user data can reach the `phantom` page methods, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach the `addInitScript` method, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach the `evaluate` method, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach the `evaluate` method, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach the `goto` method, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach the `setContent` method, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach the `evaluate` method, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach the `evaluate` method, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach the `goto` method, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach the `setContent` method, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach `wkhtmltoimage`, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach `wkhtmltopdf`, it can result in Server-Side Request Forgery vulnerabilities.

If unverified user data can reach the `compileScript` method, it can result in Server-Side Request Forgery vulnerabilities.

This rule has been deprecated.

This rule has been deprecated.

This rule has been deprecated.

This rule has been deprecated.