lib/brakeman/checks/check_render_inline.rb in brakeman-5.2.3 vs lib/brakeman/checks/check_render_inline.rb in brakeman-5.3.0

- old
+ new

@@ -26,17 +26,19 @@
 warn :result => result,
 :warning_type => "Cross-Site Scripting",
 :warning_code => :cross_site_scripting_inline,
 :message => msg("Unescaped ", msg_input(input), " rendered inline"),
 :user_input => input,
- :confidence => :high
+ :confidence => :high,
+ :cwe_id => [79]
 elsif input = has_immediate_model?(render_value)
 warn :result => result,
 :warning_type => "Cross-Site Scripting",
 :warning_code => :cross_site_scripting_inline,
 :message => "Unescaped model attribute rendered inline",
 :user_input => input,
- :confidence => :medium
+ :confidence => :medium,
+ :cwe_id => [79]
 end
 end
 end
 end
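Review bot: The literal `:cwe_id => [79]` is added separately to each of the two `warn` calls with nothing saying what 79 denotes, so a reader has to look the number up and the two branches can drift if one is edited later. A one-line comment above the first call, `# CWE-79: improper neutralization of input during web page generation (XSS)`, would make the mapping explicit. Alternatively, both branches could share one frozen constant. The two calls differ only in `:message` and `:confidence`, so the common keys could presumably be built once and merged. The enclosing method starts above the hunk, so check that suggestion against the full file.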