juice-shop

Author: Enno Liu

A ruleset of JavaScript and TypeScript rules made for OWASP Juice Shop.


Rules (3)

No author info

User data from `$USERDATA` is being compiled into the template, which can lead to a Server Side Template Injection (SSTI) vulnerability.

No author info

Putting request data into a mongo query can lead to a NoSQL Injection. Be sure to properly sanitize the data if you absolutely must pass request data into a query.