Documentation Index
Fetch the complete documentation index at: https://docs.codeant.ai/llms.txt
Use this file to discover all available pages before exploring further.
tainted-log-injection-stdlib-flask
tainted-log-injection-stdlib-flask
Detected a logger that logs user input without properly neutralizing the output. The log message could contain characters like
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-117: Improper Output Neutralization for Logs
OWASP:
- A09:2021 - Security Logging and Monitoring Failures
and and cause an attacker to forge log entries or include malicious content into the logs. Use proper input validation and/or output encoding to prevent log entries from being forged.Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-117: Improper Output Neutralization for Logs
OWASP:
- A09:2021 - Security Logging and Monitoring Failures