=== on 1 Oct 2015, 12:39:22 Ann Campbell wrote:
Since you've implemented the rule [~michael.gumowski], I'm unassigning the RSpec on the assumption that it looks good to you. :-)

=== on 19 Mar 2018, 11:11:57 Sébastien GIORIA - AppSecFR wrote:
Could be tagged A1:2017 more than A3:2017. This could lead to a injection. Storing data in a session on the server is not really a leak