[SAST] Vue_DOM_XSS in file index.html
Description
The method m-1"> embeds untrusted data in generated output with href, at line 36 of \storage\provider\storage-azure\src\main\resources\static\index.html. This untrusted data is embedded into the output without proper sanitization or encoding, enabling an attacker to inject malicious code into the generated web-page.
Location:
Source | Destination | |
---|---|---|
File | storage/provider/storage-azure/src/main/resources/static/index.html | storage/provider/storage-azure/src/main/resources/static/index.html |
Line number | 92 | 36 |
Object | pathname | href |
Code line | return location.protocol + '//' + location.host + location.pathname |
<a :href="signInUrl" class="btn btn-primary" v-if="!token" class="col-2">Login</a> |