flyerhzm/rails-brakeman.com

Build: 84
Duration: 2 secs
Finished: 2014-04-02 16:01:30 UTC
Branch: master
Commit: b3194cd
Message: send user mail only when repository user_email exists

Brakeman Report

Summary

| Scanned/Reported | Total |
| --- | --- |
| Controllers | 7 |
| Models | 4 |
| Templates | 12 |
| Errors | 0 |
| Security Warnings | 5 (0) |
| Ignored Warnings | 0 |

| Warning Type | Total |
| --- | --- |
| Cross Site Scripting | 2 |
| File Access | 1 |
| Mass Assignment | 2 |

Security Warnings

| Confidence | Class | Method | Warning Type | Message |
| --- | --- | --- | --- | --- |
| Weak | RepositoriesController | show | File Access | Model attribute used in file name near line 48: send_file(Rails.root.join("public/images/#{(Repositor... |

Model Warnings

| Confidence | Model | Warning Type | Message |
| --- | --- | --- | --- |
| Weak | Build | Mass Assignment | Potentially dangerous attribute available for mass assignment: :last_commit_id |
| Weak | Repository | Mass Assignment | Potentially dangerous attribute available for mass assignment: :github_id |

View Warnings

| Confidence | Template | Warning Type | Message |
| --- | --- | --- | --- |
| Medium | builds/index (BuildsController#index) | Cross Site Scripting | Unsafe model attribute in link_to href near line 3: link_to((Repository.where(:github_name => ("#{par... |
| Medium | builds/show (BuildsController#show) | Cross Site Scripting | Unsafe model attribute in link_to href near line 3: link_to((Repository.where(:github_name => ("#{par... |