B703: django_mark_safe

bandit.plugins.django_xss.django_mark_safe(context)[source]

B703: Potential XSS on mark_safe function

Example:

>> Issue: [B703:django_mark_safe] Potential XSS on mark_safe function.
   Severity: Medium Confidence: High
   CWE: CWE-80 (https://cwe.mitre.org/data/definitions/80.html)
   Location: examples/mark_safe_insecure.py:159:4
   More Info: https://bandit.readthedocs.io/en/latest/plugins/b703_django_mark_safe.html
158         str_arg = 'could be insecure'
159     safestring.mark_safe(str_arg)

New in version 1.5.0.

Changed in version 1.7.3: CWE information added