CodeAnt AI home pagelight logodark logo
  • Support
  • Dashboard
  • Dashboard
  • Join Community
Start Here
  • What is CodeAnt?
Setup
  • Github
  • Bitbucket
  • Gitlab
  • Azure Devops
Pull Request Review
  • Features
  • Customize Review
  • Quality Gates
  • Integrations
Scan center
  • Code Security
  • Code Quality
  • Cloud Security
  • Engineering Productivity
Integrations
  • Jira
  • Test Coverage
  • CI/CD
IDE
  • Setup
  • Review
  • Enhancements
Rule Reference
  • Compliance
  • Anti-Patterns
  • Code Governance
  • Infrastructure Security Database
  • Application Security Database
    • Apex
    • Bash
    • C
    • Clojure
    • Cpp
    • Csharp
    • Dockerfile
    • Elixir
    • Fingerprints
    • Generic
    • Go
    • Html
    • Java
    • Javascript
    • Json
    • Kotlin
    • Ocaml
    • Php
    • Problem-based-packs
    • Python
    • Ruby
    • Rust
    • Scala
    • Solidity
    • Swift
    • Terraform
    • Typescript
      • Angular
      • Aws-cdk
      • Lang
      • Nestjs
      • Nextjs
      • React
        • Best practice
        • Portability
        • React-create-element-dangerouslysetinnerhtml-prop
        • React-create-element-dangerouslysetinnerhtml-url
        • React-create-element-href-prop
          • React create element href prop
        • React-create-element-href-url
        • React-dangerouslysetinnerhtml-prop
        • React-dangerouslysetinnerhtml-url
        • React-href-prop
        • React-href-url
        • React-refs-prop
        • React-refs-url
        • Security
        • Security
      • Typescript
    • Yaml
Resources
  • Open Source
  • Blogs
React-create-element-href-prop

React create element href prop

react-create-element-href-prop

Untrusted input could be used to tamper with a web page rendering, which can lead to a Cross-site scripting (XSS) vulnerability. XSS vulnerabilities occur when untrusted input executes malicious JavaScript code, leading to issues such as account compromise and sensitive information leakage. To prevent this vulnerability, validate URLs and their protocol before using them in your codebase.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’)
OWASP:
- A07:2017 - Cross-Site Scripting (XSS)
- A03:2021 - Injection
React create element dangerouslysetinnerhtml urlReact create element href url
twitterlinkedin
Powered by Mintlify
Assistant
Responses are generated using AI and may contain mistakes.