Sobelow v0.13.0

View Source Sobelow.XSS (Sobelow v0.13.0)

Cross-Site Scripting

Cross-Site Scripting (XSS) vulnerabilities are a result of rendering untrusted input on a page without proper encoding. XSS may allow an attacker to perform actions on behalf of other users, steal session tokens, or access private data.

Read more about XSS here: https://www.owasp.org/index.php/Cross-site_Scripting_(XSS)

If you wish to learn more about the specific vulnerabilities found within the Cross-Site Scripting category, you may run the following commands to find out more:

      $ mix sobelow -d XSS.SendResp
      $ mix sobelow -d XSS.ContentType
      $ mix sobelow -d XSS.Raw
      $ mix sobelow -d XSS.HTML

XSS checks of all types can be ignored with the following command:

$ mix sobelow -i XSS

Link to this section Summary

Functions

details()
finding_modules()
get_template_vulns(meta_file)
get_vulns(fun, meta_file, web_root, skip_mods \\ [])
rules()

Link to this section Functions

Link to this function

details()

View Source
Link to this function

finding_modules()

View Source
Link to this function

get_template_vulns(meta_file)

View Source
Link to this function

get_vulns(fun, meta_file, web_root, skip_mods \\ [])

View Source
Link to this function

rules()

View Source