reviewable_claimed_topics_controller.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/controllers/reviewable_claimed_topics_controller.rb:11

ReviewableClaimedTopic.create!(:user_id => current_user.id, :topic_id => Topic.with_deleted.find_by(:id => params[:reviewable_claimed_topic][:topic_id]).id)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/controllers/reviewable_claimed_topics_controller.rb or mark it as false positive.

username_validator.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/models/username_validator.rb:27

User.new(user)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/models/username_validator.rb or mark it as false positive.

users_controller.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/controllers/admin/users_controller.rb:309

User.find_by(:id => params[:user_id]).email_tokens.create(:email => User.find_by(:id => params[:user_id]).email)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/controllers/admin/users_controller.rb or mark it as false positive.

invites_controller.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/controllers/invites_controller.rb:137

Invite.find_by(:invited_by => current_user, :id => params[:id]).topic_invites.create!(:topic_id => Topic.find_by(:id => params[:topic_id]).id)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/controllers/invites_controller.rb or mark it as false positive.

index.html.erb
Severity: Moderate
Cross-Site Scripting
Discovered 4 months ago
Source: static code analysis
Category: Cross-Site Scripting
Confidence level: Weak

Problem

Unescaped model attribute

Location

app/views/about/index.html.erb:113

crawlable_meta_data(:title => SiteSetting.title, :description => SiteSetting.site_description)

Category description: XSS occurs when a user-manipulatable value is displayed on a web page without escaping it, allowing someone to inject JavaScript or HTML into the page.

Solution: fix the issue in app/views/about/index.html.erb or mark it as false positive.

published_pages_controller.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/controllers/published_pages_controller.rb:77

PublishedPage.new(:topic => Topic.new, :slug => params[:slug].strip)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/controllers/published_pages_controller.rb or mark it as false positive.

web_hooks_controller.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/controllers/admin/web_hooks_controller.rb:36

WebHook.new(web_hook_params)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/controllers/admin/web_hooks_controller.rb or mark it as false positive.

discourse_single_sign_on.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/models/discourse_single_sign_on.rb:240

User.create!(:primary_email => UserEmail.new(:email => email, :primary => true), :name => ((name.presence or User.suggest_name((username.presence or email)))), :username => UserNameSuggester.suggest((username.presence or (name.presence or email))), :ip_address => ip_address, :locale => locale)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/models/discourse_single_sign_on.rb or mark it as false positive.

user_avatars_controller.rb
Severity: Moderate
File Access
Discovered 4 months ago
Source: static code analysis
Category: File Access
Confidence level: Weak

Problem

Parameter value used in file name

Location

app/controllers/user_avatars_controller.rb:137

send_file(Discourse.store.path_for(get_optimized_image((Upload.find_by(:id => upload_id.to_i) or User.find_by(:username_lower => params[:username].to_s.downcase).uploaded_avatar), params[:size].to_i)), :disposition => nil)

Category description: This occurs when user-supplied input containing ".." or similar characters is passed through to file access APIs, allowing access to files outside the intended subdirectory.

Solution: fix the issue in app/controllers/user_avatars_controller.rb or mark it as false positive.

topic_embed.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/models/topic_embed.rb:73

TopicEmbed.create!(:topic_id => PostCreator.new(user, :title => title, :raw => absolutize_urls(normalize_url(url), (+"" << imported_from_html(url))), :skip_validations => true, :cook_method => ((Post.cook_methods[:regular] or Post.cook_methods[:raw_html])), :category => EmbeddableHost.record_for_url(normalize_url(url)).category_id, :visible => false).create.topic_id, :embed_url => normalize_url(url), :content_sha1 => Digest::SHA1.hexdigest((+"" << imported_from_html(url))), :post_id => PostCreator.new(user, :title => title, :raw => absolutize_urls(normalize_url(url), (+"" << imported_from_html(url))), :skip_validations => true, :cook_method => ((Post.cook_methods[:regular] or Post.cook_methods[:raw_html])), :category => EmbeddableHost.record_for_url(normalize_url(url)).category_id, :visible => false).create.id)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/models/topic_embed.rb or mark it as false positive.

category.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/models/category.rb:767

Permalink.create(:url => Permalink.normalize_url(((+"#{Discourse.base_path}/c" << "/#{parent_category.slug_path.join("/")}") << "/#{saved_changes.transform_values(&:first)["slug"]}/#{id}")), :category_id => id)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/models/category.rb or mark it as false positive.

user_action.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/models/user_action.rb:271

self.new(hash)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/models/user_action.rb or mark it as false positive.

users_controller.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/controllers/users_controller.rb:1239

IgnoredUser.create!(:user => current_user, :ignored_user => fetch_user_from_params, :expiring_at => Time.parse(params[:expiring_at]))

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/controllers/users_controller.rb or mark it as false positive.

unsubscribe.html.erb
Severity: Moderate
Cross-Site Scripting
Discovered 4 months ago
Source: static code analysis
Category: Cross-Site Scripting
Confidence level: Weak

Problem

Unescaped model attribute

Location

app/views/email/unsubscribe.html.erb:23

t("unsubscribe.stop_watching_topic", :link => render_topic_title((UnsubscribeKey.find_by(:key => params[:key]).post.topic or UnsubscribeKey.find_by(:key => params[:key]).topic)))

Category description: XSS occurs when a user-manipulatable value is displayed on a web page without escaping it, allowing someone to inject JavaScript or HTML into the page.

Solution: fix the issue in app/views/email/unsubscribe.html.erb or mark it as false positive.

login.html.erb
Severity: Moderate
Cross-Site Scripting
Discovered 4 months ago
Source: static code analysis
Category: Cross-Site Scripting
Confidence level: Weak

Problem

Unescaped model attribute

Location

app/views/static/login.html.erb:9

crawlable_meta_data(:title => (@title), :description => SiteSetting.site_description)

Category description: XSS occurs when a user-manipulatable value is displayed on a web page without escaping it, allowing someone to inject JavaScript or HTML into the page.

Solution: fix the issue in app/views/static/login.html.erb or mark it as false positive.

users_controller.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/controllers/users_controller.rb:353

UserHistory.create!(:previous_value => "", :target_user_id => fetch_user_from_params.id, :action => UserHistory.actions[:revoke_title])

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/controllers/users_controller.rb or mark it as false positive.

unsubscribe.html.erb
Severity: Moderate
Cross-Site Scripting
Discovered 4 months ago
Source: static code analysis
Category: Cross-Site Scripting
Confidence level: Weak

Problem

Unescaped model attribute

Location

app/views/email/unsubscribe.html.erb:40

t("unsubscribe.unwatch_category", :category => category_badge((UnsubscribeKey.find_by(:key => params[:key]).post.topic or UnsubscribeKey.find_by(:key => params[:key]).topic).category))

Category description: XSS occurs when a user-manipulatable value is displayed on a web page without escaping it, allowing someone to inject JavaScript or HTML into the page.

Solution: fix the issue in app/views/email/unsubscribe.html.erb or mark it as false positive.

index.html.erb
Severity: Moderate
Cross-Site Scripting
Discovered 4 months ago
Source: static code analysis
Category: Cross-Site Scripting
Confidence level: Weak

Problem

Unescaped model attribute

Location

app/views/about/index.html.erb:109

crawlable_meta_data(:title => ("#{I18n.t("js.about.simple_title")} - #{SiteSetting.title}"), :description => SiteSetting.site_description)

Category description: XSS occurs when a user-manipulatable value is displayed on a web page without escaping it, allowing someone to inject JavaScript or HTML into the page.

Solution: fix the issue in app/views/about/index.html.erb or mark it as false positive.

themes_controller.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/controllers/admin/themes_controller.rb:62

Theme.new(:name => JSON.parse(params[:theme].read)["theme"]["name"], :user_id => theme_user.id)

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/controllers/admin/themes_controller.rb or mark it as false positive.

api_controller.rb
Severity: Moderate
Mass Assignment
Discovered 4 months ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Weak

Problem

Unprotected mass assignment

Location

app/controllers/admin/api_controller.rb:110

ApiKeyScope.new(:resource => resource, :action => action, :allowed_parameters => build_params(scope_params, ApiKeyScope.scope_mappings.dig(resource.to_sym, action.to_sym)[:params]))

Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in app/controllers/admin/api_controller.rb or mark it as false positive.