Skip to content

Updated the rule-ScriptInjection.yml

Chathumina Vimukthi requested to merge feat/issue-433058/script-injection-vulnerability into main

Updated the rule-ScriptInjection.yml to match invokeFunction() and invokeMethod() with added sinks and rule out false positives for eval() using taint mode. Updated the sample scenarios.

Issue - gitlab-org/gitlab#433058 (closed)

Edited by Chathumina Vimukthi

Merge request reports