hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
de2460e8b1013686e300191c322ac2e615696e29
codeql/csharp/ql/lib/change-notes/2024-12-12-add-markupstring-as-html-injection-sink.md
Dave Bartolomeo 22e030584c Revert "Release preparation for version 2.20.1"
2025-01-07 12:14:27 -05:00

5 lines
242 B
Markdown
Raw Blame History

---
category: minorAnalysis
---
* Added the constructor and explicit cast operator of `Microsoft.AspNetCore.Components.MarkupString` as an `html-injection` sink. This will help catch cross-site scripting resulting from using `MarkupString`.
Reference in New Issue View Git Blame Copy Permalink