taint vuln by claire-villard-sonarsource · Pull Request #8 · claire-villard-sonarsource/test-vue-issue

• Extracts "url" query parameter from current page URL and immediately redirects to it
• Redirect occurs before API service initialization and auth checks

Review focus: This introduces a critical security vulnerability - unrestricted redirects can enable phishing attacks. The redirect URL should be validated against an allowlist of safe domains.

💬 Please send your feedback

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqube-cloud-dev17 · 2025-10-21T15:10:36Z

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqube-cloud-dev19 · 2025-10-23T12:56:55Z

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarclouddev7 · 2025-11-03T18:06:13Z

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarclouddev7 · 2025-11-07T10:53:26Z

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqube-cloud-dev17 · 2025-11-10T11:27:09Z

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqube-cloud-dev17 · 2026-02-03T13:43:11Z

See all code changes, issues, and quality metrics in one place.

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqube-cloud-dev17 · 2026-02-04T13:39:50Z

See all code changes, issues, and quality metrics in one place.

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarclouddev5 · 2026-02-11T15:25:24Z

See all code changes, issues, and quality metrics in one place.

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqubecloud · 2026-02-12T09:43:04Z

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqube-cloud-dev18 · 2026-02-12T13:08:39Z

SonarQube reviewer guide

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqube-cloud-dev17 · 2026-02-13T10:25:54Z

See all code changes, issues, and quality metrics in one place.

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarclouddev12 · 2026-02-17T08:22:01Z

SonarQube reviewer guide

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqube-cloud-staging · 2026-02-17T16:52:56Z

SonarQube reviewer guide

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarclouddev12 · 2026-02-18T14:08:24Z

SonarQube reviewer guide

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqubecloud · 2026-02-19T17:48:06Z

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarqubecloud · 2026-02-24T13:36:18Z

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE


+const queryParams = new URLSearchParams(document.location.search);
+const redirectUrl = queryParams.get("url");
+document.location = redirectUrl;


sonarclouddev5 · 2026-03-03T10:04:49Z

SonarQube reviewer guide

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarclouddev5 · 2026-03-03T18:22:23Z

SonarQube reviewer guide

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

sonarclouddev6 · 2026-03-04T12:35:13Z

SonarQube reviewer guide

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE


+const queryParams = new URLSearchParams(document.location.search);
+const redirectUrl = queryParams.get("url");
+document.location = redirectUrl;


sonarqube-cloud-staging · 2026-03-05T08:13:07Z

SonarQube reviewer guide

Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

Update main.js

eb83ecd

github-advanced-security AI found potential problems Nov 13, 2023

View reviewed changes

Comment thread src/main.js Fixed

github-advanced-security AI found potential problems Feb 2, 2024

View reviewed changes

Comment thread src/main.js Fixed

github-advanced-security AI found potential problems Feb 22, 2024

View reviewed changes

Comment thread src/main.js Fixed

github-advanced-security AI found potential problems Feb 22, 2024

View reviewed changes

Comment thread src/main.js Fixed

github-advanced-security AI found potential problems Feb 26, 2024

View reviewed changes

Comment thread src/main.js Fixed

github-advanced-security AI found potential problems Feb 26, 2024

View reviewed changes

Comment thread src/main.js Fixed

github-advanced-security AI found potential problems Feb 26, 2024

View reviewed changes

Comment thread src/main.js Fixed

github-advanced-security AI found potential problems Feb 26, 2024

View reviewed changes

Comment thread src/main.js Fixed

github-advanced-security AI found potential problems Feb 27, 2024

View reviewed changes

Comment thread src/main.js Fixed

github-advanced-security AI found potential problems Feb 12, 2026

View reviewed changes

Comment thread src/main.js Fixed

github-advanced-security AI found potential problems Feb 24, 2026

View reviewed changes

github-advanced-security AI found potential problems Mar 4, 2026

View reviewed changes

Conversation

claire-villard-sonarsource commented Nov 13, 2023

Uh oh!

ghost commented Nov 13, 2023

Uh oh!

ghost commented Nov 13, 2023

Uh oh!

ghost commented Nov 13, 2023

Uh oh!

sonarqube-cloud-dev Bot commented Nov 13, 2023

Uh oh!

Uh oh!

ghost commented Nov 13, 2023

Uh oh!

ghost commented Nov 13, 2023

Quality Gate passed

Uh oh!

sonarqube-cloud-staging Bot commented Nov 13, 2023

Uh oh!

ghost commented Nov 17, 2023

Uh oh!

sonarqubecloud Bot commented Jan 23, 2024

Quality Gate passed

Uh oh!

ghost commented Jan 24, 2024

Quality Gate passed

Uh oh!

ghost commented Jan 24, 2024

Quality Gate passed

Uh oh!

ghost commented Jan 25, 2024

Quality Gate passed

Uh oh!

ghost commented Jan 26, 2024

Quality Gate passed

Uh oh!

Uh oh!

ghost commented Feb 2, 2024

Quality Gate failed

Uh oh!

sonarqube-cloud-staging Bot commented Feb 22, 2024

Quality Gate failed

Uh oh!

Uh oh!

sonarqubecloud Bot commented Feb 22, 2024

Quality Gate failed

Uh oh!

Uh oh!

sonarqube-cloud-staging Bot commented Feb 26, 2024

Quality Gate failed

Uh oh!

Uh oh!

sonarqubecloud Bot commented Feb 26, 2024

Quality Gate failed

Uh oh!

Uh oh!

sonarqubecloud Bot commented Feb 26, 2024

Quality Gate failed

Uh oh!

Uh oh!

sonarqubecloud Bot commented Feb 26, 2024

Quality Gate failed

Uh oh!

Uh oh!

Uh oh!

sonarclouddev4 Bot commented Aug 6, 2025

Quality Gate failed

Uh oh!

sonarclouddev14 Bot commented Aug 26, 2025

Quality Gate failed

Uh oh!

sonarclouddev10 Bot commented Sep 26, 2025

Quality Gate failed

Uh oh!

sonarclouddev13 Bot commented Sep 30, 2025

Quality Gate failed

Uh oh!

sonarqube-cloud-staging Bot commented Oct 3, 2025

Quality Gate failed

Uh oh!