Cross-site Scripting (XSS) in link_to

Description

The code includes user input in `link_to` without proper sanitization, allowing an attacker to inject malicious JavaScript code. In Rails, the body of `link_to` is not escaped, making it vulnerable to XSS attacks.

Examples

Insecure Code

ruby

link_to params[:user_link_text], some_path

Secure Code

ruby

user_input = params[:user_link_text]
safe_link_text = sanitize(user_input)
<%= link_to safe_link_text, some_safe_path %>

Remediation

Sanitize user input used within `link_to` method calls using the `sanitize` helper method or other Rails sanitization helpers.

Rule Details

Field	Value
ID	CODE-0554
Category	Injection
Severity	MEDIUM
CWE	CWE-79
Confidence	HIGH
Impact	HIGH
Likelihood	MEDIUM
Exploitability	EASY
Tags	xss, cross-site scripting
OWASP	A7:2017-Cross-Site Scripting (XSS), A03:2021-Injection

References

https://github.com/semgrep/semgrep-rules/blob/develop/ruby/rails/security/audit/xss/avoid-link-to.yaml
https://brakemanscanner.org/docs/warning_types/link_to_href/
https://brakemanscanner.org/docs/warning_types/link_to/

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Cross-site Scripting (XSS) in link_to

Description

Examples

Insecure Code

Secure Code

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

Cross-site Scripting (XSS) in link_to ​

Description ​

Examples ​

Insecure Code ​

Secure Code ​

Remediation ​

Rule Details ​

References ​

Cross-site Scripting (XSS) in link_to

Description

Examples

Insecure Code

Secure Code

Remediation

Rule Details

References