[code-scanner] security findings #107
Description
Automated scan report, generated on 2026-04-05
Summary
| Severity | Count |
|---|---|
| medium | 2 |
semgrep

🟡 Detection of dangerouslySetInnerHTML from non-constant definition

- Rule: `typescript.react.security.audit.react-dangerouslysetinnerhtml.react-dangerouslysetinnerhtml`
- Severity: medium
- Location: `src/components/home/frequentlyAskedQuestions.tsx:55`

Detection of `dangerouslySetInnerHTML` from non-constant definition. This can inadvertently expose users to cross-site scripting (XSS) attacks if this comes from user-provided input. If you have to use `dangerouslySetInnerHTML`, consider using a sanitization library such as DOMPurify to sanitize your HTML.
llm/security-researcher

🟡 Potential GraphQL injection in ENS subgraph query via string interpolation

- Rule: `llm/security-researcher/graphql-injection`
- Severity: medium
- Location: `src/api/domains/checkIfWrapped.ts:10`

In `src/api/domains/checkIfWrapped.ts`, the `domain` parameter is directly interpolated into a GraphQL query string using template literals: `domains(where: {name: "${domain}"})`. This allows an attacker to break out of the string context and inject arbitrary GraphQL operations by including a double quote in the domain name.

Exploit Scenario: An attacker could craft a domain name containing `"}) { id } __schema { types { name } } domains(where: {name: "` to break out of the query and enumerate the GraphQL schema, or inject malicious queries to extract data from the subgraph.

Recommendation: Use GraphQL variables instead of string interpolation. Pass `domain` as a variable: `query GetRegistrations($name: String!) { domains(where: {name: $name}) { ... } }` and provide it via the `variables` field in the request body.
This issue is managed automatically by code-scanner. It will be updated on each scan and closed when all findings are resolved.