issues Search Results · language:Dune language:Python language:JavaScript language:TypeScript language:Java language:HTML
Filter by
76.9M results
yoom-marketingDescription
User registration accepts weak passwords with no complexity requirements, minimum length, or history checks. This
enables account compromise through brute force.
Expected Behavior
Enforce ...
anshul23102
The README.md file contains setup inaccuracies that cause installation to fail for new developers:
Wrong Backend Command: Step 6 says to run npm run dev. The backend actually uses npm start. Running npm ...
rpoojaa06-git
Description
User-generated content (posts, profiles, messages) is rendered directly in templates without sanitization, allowing
attackers to inject malicious scripts.
Expected Behavior
Sanitize all ...
Summary
Thumbnailizer currently requires hand-editing JSON or a text override file for most generation parameters. The fork
should expose persistent generation preset editing inside the Thumbnailizer ...
odyss3y
Description
Some database queries may be constructed dynamically without proper parameterization, allowing SQL injection attacks if
user input is not sanitized.
Expected Behavior
All queries should ...
Summary
The MCP tool surface currently has no way to read a page s raw markdown or make a targeted edit to an existing page. The
only write primitive, pkm_write_page, performs a whole-page write/overwrite. ...
enhancement
gilesknap
Parent: #441 (Scan B finding #2)
Problem
gate has 6 distinct meanings across code and docs:
| # | Concept | Where | What it means |
| --- | --- | --- | --- |
| 1 | draft_gate | skill docs, code | Review ...
documentation
mfittko
Description
Form submissions and API endpoints accept POST requests without validating CSRF tokens, allowing attackers to forge
requests on behalf of authenticated users.
Expected Behavior
All POST/DELETE/PUT ...
Description
Django CORS middleware likely has overly permissive configuration allowing requests from any origin. This enables CSRF
attacks and data exfiltration to unauthorized domains.
Expected Behavior ...
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.
Learn how you can use GitHub Issues to plan and track your work.
Save views for sprints, backlogs, teams, or releases. Rank, sort, and filter issues to suit the occasion. The possibilities are endless.Learn more about GitHub IssuesProTip! Restrict your search to the title by using the in:title qualifier.