MetaCredo.
View Source
Detects improper input validation patterns (CWE-20).
Identifies code patterns where user input is used in sensitive operations without apparent validation or sanitization, such as using params directly without changeset validation.
Category: Security / Priority: high