User input detected in a session key.
- Rule ID: ruby_rails_session_key_using_user_input
- Languages: ruby
- Source: session_key_using_user_input.yml
Description
Using user-defined data in a session key is bad practice and can allow attackers to perform unsafe actions.
Remediations
❌ Avoid using user-defined data in session keys