react

typescript.react.security.audit.react-dangerouslysetinnerhtml.react-dangerouslysetinnerhtml

semgrep

Detection of dangerouslySetInnerHTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use dangerouslySetInnerHTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.

typescript.react.security.audit.react-http-leak.react-http-leak

semgrep

this rule has been deprecated.

typescript.react.security.react-insecure-request.react-insecure-request

semgrep

Unencrypted request over HTTP detected.

semgrep

Detection of $HTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use $HTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.

semgrep

Detection of $HTML from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use $HTML, consider using a sanitization library such as DOMPurify to sanitize your HTML.

semgrep

This rule has been deprecated.

semgrep

Insufficient permissions to view rule definition. This rule is only visible to logged in users. Log in to see this rule.