[SAST] Vue_DOM_XSS in file index.html
Description
The method m-1"> embeds untrusted data in generated output with href, at line 36 of \storage\provider\storage-azure\src\main\resources\static\index.html. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.
Location:
| Source | Destination | |
|---|---|---|
| File | storage/provider/storage-azure/src/main/resources/static/index.html | storage/provider/storage-azure/src/main/resources/static/index.html |
| Line number | 92 | 36 |
| Object | pathname | href |
| Code line | return location.protocol + '//' + location.host + location.pathname |
<a :href="signInUrl" class="btn btn-primary" v-if="!token" class="col-2">Login</a> |