mirror of
https://github.com/securego/gosec.git
synced 2024-12-24 11:35:52 +00:00
Update the description message of template rule (#803)
This commit is contained in:
parent
0791d31471
commit
89dfdc0c97
1 changed files with 1 additions and 1 deletions
|
@ -54,7 +54,7 @@ func NewTemplateCheck(id string, conf gosec.Config) (gosec.Rule, []ast.Node) {
|
|||
ID: id,
|
||||
Severity: gosec.Medium,
|
||||
Confidence: gosec.Low,
|
||||
What: "this method will not auto-escape HTML. Verify data is well formed.",
|
||||
What: "The used method does not auto-escape HTML. This can potentially lead to 'Cross-site Scripting' vulnerabilities, in case the attacker controls the input.",
|
||||
},
|
||||
}, []ast.Node{(*ast.CallExpr)(nil)}
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue