Add change note

2026-04-22 15:25:18 +02:00 · 2021-06-25 18:24:15 +01:00
parent 856046ce50
commit 52471b292a
1 changed files with 2 additions and 0 deletions
--- a/java/change-notes/2021-06-25-jax-rs-content-types.md
+++ b/java/change-notes/2021-06-25-jax-rs-content-types.md
@@ -0,0 +1,2 @@
+lgtm,codescanning
+* The XSS query now accounts for more ways to set the content-type of an entity served via a Jax-RS HTTP endpoint. This may flag more cases where an XSS-vulnerable content-type is set, and exclude more cases where a non-vulnerable content-type such as `application/json` is set.