app/controllers/wmoauth_controller.rb		Redirect	General	Possible unprotected redirect near line : redirect_to(Wmoauth.get_client.auth_code.authorize_url(:redirect_uri => ENV["REDIRECT_URI"]))	High
app/controllers/webhooks_controller.rb		Cross Site Request Forgery	Controller	'protect_from_forgery' should be called in WebhooksController near line 	High

app/views/calendar/show.html.erb		Cross Site Scripting	Template	Unescaped model attribute near line : Calendar.format_calendar_data(Entry.find_by_date((params[:id] + "--"), (params[:id] + "--"), )).to_s	Medium
app/views/sections/_central_truth.html.erb		Cross Site Scripting	Template	Unescaped model attribute near line : Entry.find(params[:id], params[:preview_code])["central_truth"]["journey_central_truth"]	High
app/views/sections/_introduction.html.erb		Cross Site Scripting	Template	Unescaped model attribute near line : Entry.find(params[:id], params[:preview_code])["introduction"]["journey_introduction"]	High
app/views/sections/_introduction.html.erb		Cross Site Scripting	Template	Unescaped model attribute near line : Entry.find(params[:id], params[:preview_code])["introduction"]["journey_introduction"]	High
app/views/sections/_introduction.html.erb		Cross Site Scripting	Template	Unescaped model attribute near line : Entry.find(params[:id], params[:preview_code])["introduction"]["journey_introduction"]	High
app/views/sections/_key_verse.html.erb		Cross Site Scripting	Template	Unescaped model attribute near line : Entry.find(params[:id], params[:preview_code])["key_verse"]["journey_key_verse_html"]	High
app/views/sections/_scripture_memory.html.erb		Cross Site Scripting	Template	Unescaped model attribute near line : Entry.find(params[:id], params[:preview_code])["scripture_memory"]["journey_scripture_memory_html"]	High
app/views/sections/_tweetable_truth.html.erb		Cross Site Scripting	Template	Unescaped model attribute near line : Entry.find(params[:id], params[:preview_code])["tweetable_truth"]["journey_tweetable_truth"]	High
app/views/sections/_writer.html.erb		Cross Site Scripting	Template	Unescaped model attribute near line : Entry.find(params[:id], params[:preview_code])["writer"]["journey_writer_bio"]	High
app/views/sections/comments/_group_comments.html.erb		Cross Site Scripting	Template	Unescaped model attribute near line : { post["post_number"] => ({ :raw => post["cooked"], :name => post["name"], :reply_count => post["reply_count"], :created_at => post["created_at"], :reply_to_post_number => post["reply_to_post_number"], :post_number => post["post_number"] }) }[(Unresolved Model).new.post_no][:raw]	Weak