MetaCredo.
View Source
Detects potential Cross-Site Scripting (XSS) vulnerabilities (CWE-79).
Identifies code patterns where user input is rendered in HTML output without proper escaping, such as raw(), html_safe, innerHTML, or dangerouslySetInnerHTML.
Category: Security / Priority: higher