Input Validation for API URL #471
Labels
good first issue
Good for newcomers
hacktoberfest
Hacktoberfest 2024
hacktoberfest-accepted
Accepted for hacktoberfest!
High
Security
Comments
|
@sauravpanda would like to take this one! should |
|
sure, go ahead, pydantic would be nice! |
|
@sauravpanda i have tried working on this issue with a PR. |
sauravpanda
added
hacktoberfest
|
Sure, thanks for contributing, just updated the labels, let me know if I am missing something! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue Details
Severity: High
Category: Security
File Path:
https://github.com/Cloud-Code-AI/kaizen/blob/main//kaizen/tests/actions/diff_pr_test.py?plain=1#L18Description
Potential for URL manipulation leading to API abuse.
Impact
If user inputs are not validated, it could lead to unauthorized access or data leakage through crafted URLs.
Suggestion
Validate and sanitize inputs for owner, repo, and pr_number before using them in the URL.
Code Sample
Proposed Solution
✨ Generated with love by Kaizen ❤️
The text was updated successfully, but these errors were encountered: