issues Search Results · language:Dune language:Python language:HTML language:Python language:JavaScript

Filter by

• • Code... (...)results
  • Repositories
    results
  • Issues
    results
  • Pull requests
    results
  • Discussions
    results
  • Users
    results
  • More

• State

  • Open
  • Closed

• Advanced

  • Owner
  • State
  • Close reason
  • Has linked pull request
  • Author
  • Assignee
  • Mentioned user
  • Mentioned team
  • Commenter
  • Involved user
  • Label
  • Milestone
  • Number of comments
  • Number of interactions
• Advanced search

Filter:Issues46.9M (46.9M)

46.9M results  (765 ms)

46.9M results

Sort by: Best match

Filter

Miyamura80/MCP-Template

Sanitize external email HTML before rendering (DOMPurify)

Problem External email HTML from untrusted senders is rendered via dangerouslySetInnerHTML without sanitization in both the inbox reader and composer thread panel. While innerHTML doesn t execute script ...

bug

• Miyamura80
·
• Opened 
  15 seconds ago
·
• #68

dhairyagothi/100_days_100_web_project

DevOps: Missing .dockerignore Causes Bloated Docker Build Context

Target Repository root (no .dockerignore exists; Docker scripts in package.json and ci.yml:83-91) Category DevOps | Level: Intermediate The Vulnerability The project has Docker build scripts (docker:build, ...

• sanrishi
·
• Opened 
  16 seconds ago
·
• #6221

dhairyagothi/100_days_100_web_project

Security: Missing Authentication on Express User API Routes Exposes Sensitive Data

Target public/Express Server/routes/apiRoutes.js:30-31 + public/Express Server/controllers/apiController.js:46-59 Category Security | Level: Intermediate The Vulnerability The GET /api/users and GET ...

• sanrishi
·
• 1
·
• Opened 
  16 seconds ago
·
• #6222

dhairyagothi/100_days_100_web_project

Performance: O(N^2) Particle Link Calculation Causes Jank on Every Animation Frame

Target index.js:2173-2189 + learning/learning.js:733-751 Category Performance | Level: Intermediate The Vulnerability The particle network backgrounds use nested or loops (O(N^2)) every animation ...

• sanrishi
·
• Opened 
  17 seconds ago
·
• #6219

dhairyagothi/100_days_100_web_project

DevOps: GitHub Actions Workflows Install Dependencies Without Caching

Target .github/workflows/lint-format-check.yml:24-30 + .github/workflows/ci.yml Category DevOps | Level: Intermediate The Vulnerability Multiple GitHub Actions workflows run pm install or pm ci without ...

• sanrishi
·
• 1
·
• Opened 
  17 seconds ago
·
• #6220

hskim-solv/BidMate-DocAgent

docs: record overlap gate in architecture module map

Summary Add a small reviewer/agent note to the architecture module map so parallel Codex/Claude sessions know to run overlap-preflight before editing module-owned surfaces. Scope - Docs-only update ...

documentation

• hskim-solv
·
• Opened 
  17 seconds ago
·
• #2092

dhairyagothi/100_days_100_web_project

Security: HTML Injection and XSS via Unsanitized Input in Nodemailer Email Template

Target public/gmail_nodemailer/app.js:65 Category Security | Level: Intermediate The Vulnerability eq.body.name is interpolated directly into an HTML email body via template literal without any escaping ...

• sanrishi
·
• Opened 
  18 seconds ago
·
• #6218

dhairyagothi/100_days_100_web_project

Security: Missing Rate Limiting on Authentication Endpoints Enables Brute-Force Attacks

Target public/Voting_Application_Backend/server/routes/userRoutes.js:53 (POST /login) public/loginusingmern/index.js:143 (POST /login) public/url_shortener/backend/routes/Login_route.js Category Security ...

• sanrishi
·
• 1
·
• Opened 
  18 seconds ago
·
• #6217

dhairyagothi/100_days_100_web_project

Security: Path Traversal and Stored XSS via Unsanitized Filename in File Upload

Target public/file_uploader/index.js:28 + public/file_uploader/views/upload.ejs:363 Category Security | Level: Intermediate The Vulnerability Multer s ilename callback uses ile.originalname directly ...

• sanrishi
·
• 1
·
• Opened 
  19 seconds ago
·
• #6216

dhairyagothi/100_days_100_web_project

Security: Hardcoded JWT Fallback secretkey Enables Authentication Bypass

Target public/loginusingmern/index.js:30,99,163 + public/loginusingmern/middleware/auth.js:9 Category Security | Level: Intermediate The Vulnerability Every JWT sign/verify call falls back to the ...

• sanrishi
·
• 1
·
• Opened 
  19 seconds ago
·
• #6215

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues

ProTip! Restrict your search to the title by using the in:title qualifier.

Learn how you can use GitHub Issues to plan and track your work.

Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub Issues

ProTip! Restrict your search to the title by using the in:title qualifier.