hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity

Python: Add change-note

Browse Source
This commit is contained in:
Rasmus Wriedt Larsen
2023-08-29 10:46:25 +02:00
parent 0b2458d065
commit 49d510018d
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
python/ql/src/change-notes/2023-08-29-fixed-jsonify-xss-fp.md Normal file
View File

@@ -0,0 +1,4 @@
---
category: minorAnalysis
---
* Improved _Reflected server-side cross-site scripting_ (`py/reflective-xss`) query to not alert on data passed to `flask.jsonify`. Since these HTTP responses are returned with mime-type `application/json`, they do not pose a security risk for XSS.