[stable27] fix: csrf check failed on public share with password #47453
Annotations
10 errors and 2 warnings
|
Psalm taint analysis:
apps/admin_audit/lib/Actions/Action.php#L64
apps/admin_audit/lib/Actions/Action.php:64:16: TaintedHtml: Detected tainted HTML (see https://psalm.dev/245)
|
|
Psalm taint analysis:
apps/files_external/lib/Config/ConfigAdapter.php#L74
apps/files_external/lib/Config/ConfigAdapter.php:74:50: TaintedCallable: Detected tainted text (see https://psalm.dev/243)
|
|
Psalm taint analysis:
apps/files_external/lib/Lib/Storage/SFTP.php#L247
apps/files_external/lib/Lib/Storage/SFTP.php:247:17: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)
|
|
Psalm taint analysis:
apps/files_external/lib/Lib/Storage/SFTP.php#L268
apps/files_external/lib/Lib/Storage/SFTP.php:268:19: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)
|
|
Psalm taint analysis:
apps/files_external/lib/Lib/Storage/SFTP.php#L413
apps/files_external/lib/Lib/Storage/SFTP.php:413:22: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)
|
|
Psalm taint analysis:
apps/files_sharing/lib/Controller/ShareController.php#L501
apps/files_sharing/lib/Controller/ShareController.php:501:35: TaintedCookie: Detected tainted cookie (see https://psalm.dev/257)
|
|
Psalm taint analysis:
apps/theming/lib/IconBuilder.php#L137
apps/theming/lib/IconBuilder.php:137:40: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)
|
|
Psalm taint analysis:
apps/theming/lib/IconBuilder.php#L235
apps/theming/lib/IconBuilder.php:235:28: TaintedFile: Detected tainted file handling (see https://psalm.dev/255)
|
|
Psalm taint analysis:
lib/base.php#L204
lib/base.php:204:12: TaintedHeader: Detected tainted header (see https://psalm.dev/256)
|
|
Psalm taint analysis:
lib/base.php#L286
lib/base.php:286:12: TaintedHeader: Detected tainted header (see https://psalm.dev/256)
|
|
The following actions use a deprecated Node.js version and will be forced to run on node20: actions/checkout@v3, github/codeql-action/upload-sarif@v2. For more info: https://github.blog/changelog/2024-03-07-github-actions-all-actions-will-run-on-node20-instead-of-node16-by-default/
|
|
Upload Security Analysis results to GitHub
CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/
|
Loading