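Fortify flagged an "Open Redirect" issue in the TinyMCE library that we use for our RTF editor.
Below is the report with the analysis evidence.
Does anyone know whether this is a false positive?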
editor_plugin_src.js:69 - Read elm.value
editor_plugin_src.js:69 - exec(0:return)
editor_plugin_src.js:69 Assignment to matches
editor_plugin_src.js:71 Assignment to data.docencoding
editor_plugin_src.js:119 Return data
editor_plugin_src.js:29 _htmlToData(return.docencoding)
editor_plugin_src.js:29 Assignment to data
editor_plugin_src.js:29 open(1)