You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Some of our teams are using Partytown, and they are getting CWE-95 vulns triggered from SAST/DAST scans with a "Very High" severity rating on this call:
new Function(scriptContent).call(env.$window$);
in partytown-ww-atomics.js
I am unable to provide further details such as the vendor names of the security tools we use, but multiple scanners over several vendors are reporting this.
Describe the bug
Some of our teams are using Partytown, and they are getting CWE-95 vulns triggered from SAST/DAST scans with a "Very High" severity rating on this call:
new Function(scriptContent).call(env.$window$);
in partytown-ww-atomics.js
I am unable to provide further details such as the vendor names of the security tools we use, but multiple scanners over several vendors are reporting this.
Reproduction
n/a
Steps to reproduce
Would require a SAST scan of code using the .js
Browser Info
n/a
Additional Information
CWE-95
The text was updated successfully, but these errors were encountered: