Get Started
- CodeAnt AI
- Control Center
- Pull Request Review
- IDE
- Compliance
- Anti-Patterns
- Code Governance
- Infrastructure Security Database
- Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Android
- Aws-lambda
- Castor
- Java-jwt
- Jax-rs
- Jboss
- Jdo
- Jedis
- Jjwt
- Jsch
- Kryo
- Lang
- Micronaut
- Mongo
- Mongodb
- Mysql
- Okhttp
- Rmi
- Servlets
- Security
- Security
- Audit
- Castor-deserialization-deepsemgrep
- Crlf-injection-logs-deepsemgrep
- Crlf-injection-logs
- Httpservlet-path-traversal-deepsemgrep
- Httpservlet-path-traversal
- Kryo-deserialization-deepsemgrep
- No-direct-response-writer-deepsemgrep
- No-direct-response-writer
- Nosql-injection-servlets
- Objectinputstream-deserialization-servlets
- Servletresponse-writer-xss-deepsemgrep
- Servletresponse-writer-xss
- Tainted-cmd-from-http-request-deepsemgrep
- Tainted-cmd-from-http-request
- Tainted-code-injection-from-http-request-deepsemgrep
- Tainted-code-injection-from-http-request
- Tainted-ldapi-from-http-request-deepsemgrep
- Tainted-ldapi-from-http-request
- Tainted-session-from-http-request-deepsemgrep
- Tainted-session-from-http-request
- Tainted-sql-from-http-request-deepsemgrep
- Tainted-sql-from-http-request
- Tainted-ssrf-deepsemgrep-add
- Tainted-ssrf-deepsemgrep-format
- Tainted-ssrf-deepsemgrep
- Tainted-ssrf
- Tainted-xml-decoder-deepsemgrep
- Tainted-xml-decoder
- Tainted-xpath-from-http-request-deepsemgrep
- Tainted-xpath-from-http-request
- Xstream-anytype-deserialization-deepsemgrep
- Xxe
- Spring
- Thymeleaf
- Xstream
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml
No-direct-response-writer
No direct response writer
This rule is deprecated
Likelihood: HIGH
Confidence: MEDIUM
CWE:
- CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
OWASP:
- A07:2017 - Cross-Site Scripting (XSS)
- A03:2021 - Injection