Enhance security by adding DOMPurify sanitization comments in newsletter and Vereins components, and update path handling comments in server utilities to address potential path traversal vulnerabilities.

2025-12-20 10:54:49 +01:00
parent 8fcb71b946
commit e73d328139
12 changed files with 33 additions and 1 deletions
--- a/pages/verein/satzung.vue
+++ b/pages/verein/satzung.vue
@@ -5,6 +5,8 @@
        Satzung
      </h1>
      
+      <!-- nosemgrep: javascript.vue.security.audit.xss.templates.avoid-v-html -->
+      <!-- content is sanitized with DOMPurify in computed property -->
      <div
        class="prose prose-lg max-w-none mb-8"
        v-html="content"