Module ActionView
Modeling for ActionView.
Import path
import codeql.ruby.frameworks.ActionViewClasses
| ArgumentInterpretedAsUrl | An argument to a method call which constructs a script tag, interpreting the argument as a URL. Remote input flowing to this argument may allow loading of arbitrary javascript. |
Modules
| Helpers | Action view helper methods which are XSS sinks. |