npm - compound-agent - Versions diffs - 1.8.0 → 2.0.1 - Mend

compound-agent 1.8.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (43) hide show

package/CHANGELOG.md +46 -1
package/README.md +30 -47
package/bin/ca +73 -0
package/package.json +25 -77
package/scripts/postinstall.cjs +245 -0
package/dist/cli.d.ts +0 -1
package/dist/cli.js +0 -13655
package/dist/cli.js.map +0 -1
package/dist/index.d.ts +0 -3730
package/dist/index.js +0 -3251
package/dist/index.js.map +0 -1
package/docs/research/AgenticAiCodebaseGuide.md +0 -1206
package/docs/research/BuildingACCompilerAnthropic.md +0 -116
package/docs/research/HarnessEngineeringOpenAi.md +0 -220
package/docs/research/code-review/systematic-review-methodology.md +0 -409
package/docs/research/index.md +0 -76
package/docs/research/learning-systems/knowledge-compounding-for-agents.md +0 -695
package/docs/research/property-testing/property-based-testing-and-invariants.md +0 -742
package/docs/research/scenario-testing/advanced-and-emerging.md +0 -470
package/docs/research/scenario-testing/core-foundations.md +0 -507
package/docs/research/scenario-testing/domain-specific-and-human-factors.md +0 -474
package/docs/research/security/auth-patterns.md +0 -138
package/docs/research/security/data-exposure.md +0 -185
package/docs/research/security/dependency-security.md +0 -91
package/docs/research/security/injection-patterns.md +0 -249
package/docs/research/security/overview.md +0 -81
package/docs/research/security/secrets-checklist.md +0 -92
package/docs/research/security/secure-coding-failure.md +0 -297
package/docs/research/software_architecture/01-science-of-decomposition.md +0 -615
package/docs/research/software_architecture/02-architecture-under-uncertainty.md +0 -649
package/docs/research/software_architecture/03-emergent-behavior-in-composed-systems.md +0 -644
package/docs/research/spec_design/decision_theory_specifications_and_multi_criteria_tradeoffs.md +0 -0
package/docs/research/spec_design/design_by_contract.md +0 -251
package/docs/research/spec_design/domain_driven_design_strategic_modeling.md +0 -183
package/docs/research/spec_design/formal_specification_methods.md +0 -161
package/docs/research/spec_design/logic_and_proof_theory_under_the_curry_howard_correspondence.md +0 -250
package/docs/research/spec_design/natural_language_formal_semantics_abuguity_in_specifications.md +0 -259
package/docs/research/spec_design/requirements_engineering.md +0 -234
package/docs/research/spec_design/systems_engineering_specifications_emergent_behavior_interface_contracts.md +0 -149
package/docs/research/spec_design/what_is_this_about.md +0 -305
package/docs/research/tdd/test-driven-development-methodology.md +0 -547
package/docs/research/test-optimization-strategies.md +0 -401
package/scripts/postinstall.mjs +0 -102

package/docs/research/security/secure-coding-failure.md DELETED Viewed

@@ -1,297 +0,0 @@
-# Secure Coding Failure Modes in Automated Code Review for Web Applications
-*February 23, 2026*
-## Abstract
-This survey examines recurring secure‑coding failure modes that an automated code review assistant is likely to encounter in contemporary JavaScript/TypeScript and Python web projects, with particular attention to OWASP‑classified risks and their concrete manifestations in source code. The analysis focuses on input‑driven code execution flaws (SQL injection, command injection, cross‑site scripting, server‑side request forgery, and server‑side template injection), secret and credential handling issues, authorization defects, sensitive data exposure through observability mechanisms, and dependency‑level vulnerabilities. The discussion treats these not as abstract categories but as patterns of code structure, framework usage, and configuration that can be surfaced via static or hybrid analysis during automated review. [techrxiv](https://www.techrxiv.org/articles/preprint/An_OWASP_Top_Ten_Driven_Survey_on_Web_Application_Protection_Methods/13265180/files/25545929.pdf)
-The survey identifies ten approach families, each representing a distinct vulnerability class plus one cross‑cutting governance layer that captures threat modelling, severity classification, and triage practices for automated tools. For each family, the survey documents underlying mechanisms, summarizes empirical and practitioner literature, notes representative tools and benchmarks, and characterizes strengths and limitations of detection strategies, with particular emphasis on language‑specific idioms in JavaScript/TypeScript and Python. The comparative synthesis highlights trade‑offs between maturity of defensive guidance, feasibility of automated detection at scale, susceptibility to false positives, and typical impact on confidentiality, integrity, and availability when such issues reach production. [techscience](https://www.techscience.com/cmc/v64n3/39444)
-## 1. Introduction
-This survey addresses the following question: how do common web application security vulnerabilities manifest at the code level in JS/TS and Python projects, and how can an automated review assistant classify and triage them without prescribing specific remediation choices. The problem matters because empirical studies and OWASP Top 10 data consistently document that classes such as broken access control, injection, and vulnerable components dominate real‑world incidents, while developers increasingly rely on automated tooling and language models to accelerate development. This dependence creates a dual challenge, namely propagating insecure patterns when generated code mirrors common vulnerabilities, and detecting those same patterns before deployment. [arxiv](https://arxiv.org/pdf/2311.10450.pdf)
-The scope covers five concrete injection families (SQL, OS command, XSS, SSRF, and server‑side template injection), hardcoded secrets and related mismanagement across source and configuration artifacts, broken access control and related IDOR defects, sensitive data exposure through logs, errors, URLs, and API responses, and dependency‑driven risks arising from vulnerable components and transitive CVEs. Project‑level threat modelling, OWASP‑aligned severity classification, and triage logic are included to reflect the operational context of a review tool that must prioritize findings, while network‑layer issues, cryptographic protocol design, and mobile‑specific platform abuses remain outside scope except where they intersect the listed families. The survey emphasizes code‑centric manifestations rather than runtime exploitation techniques, although it references exploitation research where doing so clarifies mechanism or impact. [ijece.iaescore](https://ijece.iaescore.com/index.php/IJECE/article/download/33835/17135)
-Three definitions are central. First, input‑driven code execution refers to cases where untrusted data influences an interpreter, query engine, shell, browser, or templating engine, thereby enabling adversaries to alter intended control flow or data access. Second, secrets within software artifacts are any values whose disclosure changes an attacker’s capabilities, including API keys, tokens, passwords, certificates, and database connection strings that frequently appear in code, configuration, or version control history. Third, broken access control denotes deviations between specified authorization policies and implemented checks, manifested as missing, incorrect, or bypassable enforcement around resources and operations, and currently occupies the top position in OWASP’s web risk rankings. These definitions ground the taxonomy introduced in §3 and the detailed analyses in §4. [owasp](https://owasp.org/Top10/2021/)
-## 2. Foundations
-The theoretical backdrop for injection flaws rests on interpreter composition, where a program constructs a string that is later parsed by another subsystem, such as a SQL engine or shell, without a syntactic separation between code and data. When untrusted data is concatenated into such interpreter inputs, adversaries can supply tokens that change the parse tree, thereby modifying predicates, adding statements, or invoking unexpected commands; OWASP’s injection materials consistently frame prepared or parameterized statements as structural defenses that maintain this separation. In languages like JavaScript and Python, the presence of powerful string interpolation facilities (template literals, f‑strings) raises the likelihood that developers assemble interpreter inputs dynamically, which interacts poorly with weak input validation and ad‑hoc escaping. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Query_Parameterization_Cheat_Sheet.html)
-Access control defects emerge from the separation between authentication (verifying identity or principal claims) and authorization (deciding which operations a principal may perform), a distinction that empirical surveys of broken access control repeatedly emphasize. Many frameworks offer authentication middleware that populates user identities, while leaving fine‑grained authorization logic to application code, thereby creating opportunities for missing checks, inconsistent role mappings, or insecure direct object references when resource identifiers are inferred from client‑supplied parameters. Recent mobile API studies document that such broken access control patterns frequently arise in backend APIs consumed by applications, including cases where unauthenticated clients can access privileged endpoints due to absent server‑side verification. [arxiv](https://arxiv.org/pdf/2310.14137.pdf)
-Dependency and supply‑chain risks reflect the modular nature of modern ecosystems, where applications depend on extensive third‑party libraries that themselves bundle transitive components whose versions and vulnerabilities may be opaque to developers. OWASP characterizes vulnerable and outdated components as a distinct category, noting that many organizations neither maintain an inventory of component versions nor perform regular vulnerability scans, which complicates risk assessment and timely patching. Package‑manager integrated audits, such as npm audit for JavaScript and pip‑audit or Safety for Python, operationalize vulnerability databases into developer workflows, yet still require mapping wide CVE sets to concrete application attack surfaces. [arxiv](https://arxiv.org/pdf/2103.12304.pdf)
-Secret management research provides further foundation by documenting large‑scale leakage of hardcoded credentials and tokens in public repositories, and by studying practices that teams adopt to mitigate such leakage. GitGuardian telemetry, for example, reports multi‑million annual secret exposures, while datasets like SecretBench and tools such as AssetHarvester and RiskHarvester build benchmarks and risk models for secret detection and prioritization within codebases. OWASP’s Secrets Management and DevSecOps guidelines complement this academic work by outlining patterns for keeping secrets out of source control, scanning repositories for accidental inclusion, and coordinating CI/CD and runtime environments. Together, these foundations motivate the taxonomy in §3. [arxiv](https://arxiv.org/pdf/2303.06729.pdf)
-## 3. Taxonomy of Approaches
-Table 1 presents the classification framework used in this survey. Each leaf node corresponds directly to one analysis subsection in §4.
-**Table 1: Taxonomy of security issue classes in automated code review**
-| ID  | Category                            | Approach / Leaf node                                      | Primary mechanism                                                         | Representative OWASP Top 10 mapping                          |
-|-----|-------------------------------------|-----------------------------------------------------------|---------------------------------------------------------------------------|--------------------------------------------------------------|
-| 4.1 | Input‑driven code execution         | SQL injection and ORM misuse                              | Untrusted data in query strings                                           | A03:2021 Injection; A06:2021 Components [owasp](https://owasp.org/Top10/2021/)      |
-| 4.2 | Input‑driven code execution         | Command injection and shell interaction                   | Untrusted data in OS command invocations                                  | A03:2021 Injection [owasp](https://owasp.org/Top10/2021/)                           |
-| 4.3 | Input‑driven code execution         | Cross‑site scripting (XSS)                                | Untrusted data in HTML or script sinks                                    | A03:2021 Injection; legacy A07:2017 XSS [owasp](https://owasp.org/Top10/2021/)      |
-| 4.4 | Input‑driven code execution         | Server‑side request forgery (SSRF)                        | Untrusted URLs or hosts used in server‑side HTTP or file requests         | A10:2021 SSRF; mapped CWE‑918 [owasp](https://owasp.org/Top10/2021/)                |
-| 4.5 | Input‑driven code execution         | Server‑side template injection (SSTI)                     | Untrusted data interpreted by template engines                            | A03:2021 Injection [portswigger](https://portswigger.net/web-security/server-side-template-injection)                           |
-| 4.6 | Secrets and credentials             | Hardcoded secrets and configuration leakage               | Credentials in source, config, or history                                 | A02:2021 Cryptographic failures; NHI Secret Leakage [owasp](https://owasp.org/Top10/2021/) |
-| 4.7 | Authorization and access control    | Broken access control and IDOR                            | Missing, incorrect, or bypassable authorization on resources              | A01:2021 and A01:2025 Broken Access Control [owasp](https://owasp.org/Top10/2021/A01_2021-Broken_Access_Control/)  |
-| 4.8 | Data exposure and observability     | Sensitive data in logs, error messages, URLs, and APIs    | PII or secrets propagated into observability or response surfaces         | Multiple, including CWE‑209 and URL exposure [owasp](https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url) |
-| 4.9 | Dependency and supply‑chain         | Vulnerable and outdated components                        | Use of libraries and runtimes with known CVEs                             | A06:2021 Vulnerable Components [owasp](https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/)               |
-| 4.10| Project‑level governance and triage | Threat modelling, severity classification, and escalation | Mapping findings to impact, likelihood, and OWASP‑aligned severities      | OWASP Top 10 and risk framing [owasp](https://owasp.org/Top10/2021/)                |
-## 4. Analysis
-### 4.1 SQL injection and ORM misuse
-**Theory & mechanism.** SQL injection occurs when untrusted inputs are concatenated into SQL strings and subsequently interpreted by a database engine, enabling adversaries to modify predicates, union arbitrary result sets, or execute stacked queries depending on driver configuration. Parameterized queries alter the mechanism by binding user input as data values separate from the statement structure, which prevents user‑supplied tokens from being reinterpreted as SQL syntax, and OWASP cheat sheets therefore describe this pattern as the primary defensive idiom. In JavaScript/TypeScript, unsafe patterns frequently arise when template literals interpolate request parameters directly into SQL fragments, bypassing parameter binding that drivers like node‑postgres or libraries like Knex expose, while in Python similar issues appear when f‑strings or percent formatting construct queries passed to low‑level connectors rather than using APIs such as `cursor.execute(query, params)`. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)
-A canonical vulnerable JavaScript snippet embeds an unvalidated identifier directly: ```const q = `SELECT * FROM users WHERE id = ${req.query.id}`; db.query(q);```, which allows crafted values to terminate the predicate and append arbitrary conditions. Safe alternatives in the same environment construct a constant query with placeholders, for example `db.query('SELECT * FROM users WHERE id = $1', [req.query.id]);`, while similar patterns in Python use parametrized forms such as `cursor.execute("SELECT ... WHERE id = %s", (user_id,))`. ORM‑level abstractions, such as SQLAlchemy or TypeORM, generally generate parameterized statements automatically, although direct execution primitives (for example `.text()` in SQLAlchemy or `.query()` with raw strings in TypeORM) reintroduce risk when developers interpolate untrusted input manually. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)
-**Literature evidence.** OWASP’s SQL Injection Prevention and Query Parameterization cheat sheets document how parameterized queries across multiple languages and ORMs effectively prevent injection, while emphasizing that ad‑hoc escaping remains fragile and database specific. Broader OWASP Top Ten surveys classify injection, including SQL injection, as a top‑tier web risk, reflecting both frequency and severity across contributed datasets of real application assessments. Recent practitioner‑oriented resources and vendor blog material continue to present SQL injection as a primary case study, demonstrating that improper query construction persists even in frameworks that nominally support safer idioms. [owasp](https://owasp.org/www-project-top-ten/)
-**Implementations & benchmarks.** Static analysis tools for web applications often include rule sets that flag concatenated SQL statements involving request parameters, path variables, or JSON fields, sometimes recognizing language‑specific database APIs and distinguishing parameterized from non‑parameterized invocations. Benchmarking work comparing static analysis tools against OWASP‑aligned vulnerability corpora reports variable success in detecting injection issues, with higher recall when tools support taint tracking from input sources to query sinks and can model common ORM abstractions. No single public benchmark exhaustively covers JS/TS and Python ORMs, although research datasets such as those constructed for static analysis evaluations include representative SQL injection cases that can inform tool calibration. [techrxiv](https://www.techrxiv.org/articles/preprint/An_OWASP_Top_Ten_Driven_Survey_on_Web_Application_Protection_Methods/13265180/files/25545929.pdf)
-**Strengths & limitations.** Static detection of raw string concatenation into SQL APIs scales well when patterns are simple, particularly in dynamically typed languages where analysts can match common driver method names; however, complex query builders, metaprogramming, and custom abstraction layers reduce precision. False positives arise when concatenated fragments originate from trusted constants, while false negatives occur when untrusted data flows through multiple layers before reaching the query sink, especially when frameworks obscure that flow. Dynamic analysis and fuzzing techniques can validate suspected injection paths but incur higher cost and environment complexity, meaning automated review tools often rely primarily on static heuristics combined with limited data‑flow reasoning for triage. [techscience](https://www.techscience.com/cmc/v64n3/39444)
-### 4.2 Command injection and shell interaction
-**Theory & mechanism.** Command injection arises when applications construct shell command strings from untrusted data and execute them via interfaces that delegate parsing to the operating system shell, such as `child_process.exec` in Node.js or `subprocess.run(..., shell=True)` in Python. In such cases, malicious input can introduce shell metacharacters, argument separators, or command chaining operators, which modify the executed command sequence and potentially yield arbitrary code execution with the process’s privileges. In contrast, APIs that separate the executable path and argument list (for example `execFile` or `spawn` with array arguments in Node.js, or `subprocess.run([...], shell=False)` in Python) delegate no parsing to a shell, which substantially reduces the interpretive surface even in the presence of untrusted arguments. [arxiv](http://arxiv.org/pdf/2303.12340.pdf)
-A typical vulnerable Node.js pattern might read `exec('convert ' + req.query.file + ' out.png');`, which allows path injection and trailing commands when the `file` parameter contains characters like `;` or `&&`. In Python, code such as `os.system("tar xf " + archive_name)` exhibits similar issues, particularly when combined with relative paths that permit exploitation of working directory assumptions. Automated review tools can flag explicit uses of shell‑invoking APIs combined with direct concatenation of request data, but will find it more difficult to reason about intermediate transformations or combined data sources. [arxiv](http://arxiv.org/pdf/2303.12340.pdf)
-**Literature evidence.** OWASP’s Injection Prevention cheat sheet explicitly discusses OS command injection as part of the broader injection family, illustrating how shell interpreters expand meta‑characters and suggesting programming patterns that avoid these interpreters entirely. Broader analyses of insecure design in operational technology systems document that trivial command‑execution vulnerabilities in device management interfaces remain common, reinforcing that shell interaction remains a live concern rather than a purely legacy issue. Although academic attention often focuses on SQL or XSS, command injection appears frequently in vulnerability reports and CVEs associated with administrative web interfaces and developer tooling. [confluence.atlassian](https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html)
-**Implementations & benchmarks.** Static analyzers and security linters generally implement pattern‑based checks for functions like `exec`, `system`, or `popen` across languages, and some include taint tracking to establish whether their arguments depend on user‑controlled inputs. Benchmarks built around OWASP Top Ten categories include command injection cases, and some vendor test suites cover language‑specific APIs in Node.js and Python to evaluate detection coverage. Security testing frameworks for infrastructure as code and CI/CD pipelines similarly incorporate checks for unsafe shell construction, reflecting the pervasiveness of shell scripting idioms in build and deployment contexts. [owasp](https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/)
-**Strengths & limitations.** Command injection lends itself to signature‑based detection because the set of shell‑invoking APIs and associated anti‑patterns is relatively small, which favors scalable detection in large codebases. However, in JS/TS and Python, dynamic language features and metaprogramming can obscure which functions ultimately invoke the shell, particularly when wrappers and helper utilities hide the underlying call sites. False positives can occur when inputs are tightly constrained by validation logic not visible to the analyzer, while false negatives arise when user influence flows through configuration files, environment variables, or external data sources that the tool does not model. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)
-### 4.3 Cross‑site scripting (XSS)
-**Theory & mechanism.** Cross‑site scripting involves injection of attacker‑controlled scripts into a victim’s browser, typically by reflecting untrusted data into HTML or JavaScript contexts without appropriate escaping or sanitization. Stored XSS persists payloads in backend storage, while reflected and DOM‑based XSS arise from immediate reflection or client‑side script manipulation involving unsafe use of properties like `innerHTML` or APIs like `document.write`. In modern JS/TS frameworks such as React, Angular, or Vue, templating systems often auto‑escape text by default, although escape disabling mechanisms (for example `dangerouslySetInnerHTML` in React) and direct DOM access can bypass those protections, whereas in Python server frameworks templating engines like Jinja or Django templates provide similar defaults with explicit escape toggles. [portswigger](https://portswigger.net/web-security/server-side-template-injection)
-Code patterns that embed untrusted data directly into HTML strings, such as `res.send('<div>' + req.query.name + '</div>');` in Node.js or template constructs like `{{ user_input | safe }}` in Jinja when `user_input` originates from a request, create straightforward XSS surfaces. [owasp](https://owasp.org/www-project-top-ten/) JS/TS gotchas include dangerously binding unsanitized data into `on*` event attributes or using `v-html`‑like directives, while Python gotchas include using string concatenation instead of template variables, or disabling auto‑escaping globally for convenience. [owasp](https://owasp.org/www-project-top-ten/) Automated detection must therefore track not just raw string concatenation but also framework‑specific escape annotations and configuration flags. [techscience](https://www.techscience.com/cmc/v64n3/39444)
-**Literature evidence.** OWASP’s Top Ten documents XSS as historically the most prevalent client‑side web vulnerability and classifies it within the broader injection category in the 2021 list, indicating both high incidence and mature understanding. Numerous web security surveys and educational resources continue to foreground XSS in discussions of web risks, often providing framework‑specific examples that illustrate subtle templating pitfalls, including in single‑page applications where client‑side routing and state management alter attack surfaces. PortSwigger’s Web Security Academy materials present extensive case studies and exploitation patterns for XSS, which indirectly inform static and dynamic detection strategies through their systematic treatment of sinks and contexts. [owasp](https://owasp.org/Top10/2021/)
-**Implementations & benchmarks.** Static analyzers can identify obvious XSS sinks, such as `innerHTML`, `document.write`, or template expressions that interpolate unsafe variables into HTML or JavaScript contexts, and some include context‑sensitive escaping models, although full precision across complex frameworks remains challenging. Dynamic scanners and fuzzers, including browser‑based tools, often detect XSS by injecting payloads and checking for execution, which complements static analysis by covering cases where templating logic or runtime conditionals conditionally expose sinks. Public training labs and benchmarks, such as those hosted by PortSwigger, serve as de facto testbeds for evaluating detection coverage and for calibrating automated assistants. [owasp](https://owasp.org/www-project-top-ten/)
-**Strengths & limitations.** XSS detection benefits from extensive community experience, leading to well‑documented sink lists and escape rules, but modern front‑end frameworks complicate static reasoning because componentization, client‑side routing, and build‑time transformations obscure the mapping between source code and rendered DOM. JS/TS ecosystems further introduce complexity through transpilation (for example TypeScript to JavaScript), meta‑frameworks, and custom template engines, while Python backends may render templates that are later manipulated client‑side, creating cross‑boundary flows that static tools struggle to connect. Consequently, automated code review can flag high‑confidence patterns but will leave some DOM‑based or framework‑specific XSS risks to interactive testing or specialized tools. [portswigger](https://portswigger.net/web-security/server-side-template-injection)
-### 4.4 Server‑side request forgery (SSRF)
-**Theory & mechanism.** Server‑side request forgery exploits server‑side HTTP or network request capabilities to induce a target application to initiate connections to arbitrary hosts or URLs supplied by an attacker, often enabling access to otherwise internal resources such as cloud metadata services or internal APIs. The mechanism typically involves code that accepts a URL, hostname, or path parameter from a client and forwards it directly to an HTTP client library or file retrieval interface without adequate validation or destination constraints, thereby allowing adversaries to pivot through the server’s network position. This mechanism becomes particularly salient in templated document generators, webhooks, proxy services, and image or PDF fetchers that routinely request external resources. [owasp](https://owasp.org/Top10/2021/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/)
-Empirical write‑ups around SSRF in PDF generators show that user‑controlled HTML or URLs embedded in document templates can trigger server‑side fetches of arbitrary resources, including local files, when rendering engines interpret tags like `iframe` with file URLs, thereby combining HTML injection with SSRF and local file disclosure. Node.js projects often use libraries like `axios` or built‑in `http` modules to perform outbound requests, while Python code commonly uses `requests` or `urllib`, and in both cases vulnerabilities arise when input such as `req.query.url` or JSON fields are passed directly as request targets. Automated reviewers can search for these outbound request APIs and examine whether their targets derive from sanitized, constrained inputs or from arbitrary user data. [intigriti](https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-pdf-generators-a-complete-guide-to-finding-ssrf-vulnerabilities-in-pdf-generators)
-**Literature evidence.** OWASP’s 2021 Top 10 lists SSRF as a dedicated category (A10:2021), highlighting its systemic nature and the difficulty many organizations face in adequately segmenting internal services and constraining outbound access. CWE‑918 captures the core SSRF pattern, and OWASP’s SSRF prevention cheat sheet provides concrete mitigation strategies including allowlist validation and network-layer controls. Practitioner‑oriented articles focusing on SSRF in document processing and other micro‑services provide detailed exploitation examples and configuration pitfalls, which collectively document that this remains an active risk despite increased awareness. [owasp](https://owasp.org/Top10/2021/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/)
-**Implementations & benchmarks.** Static analysis tools can detect straightforward SSRF patterns by identifying outbound request APIs and tracing taint from request parameters or body fields into URL or hostname arguments, although they must also account for server‑side input transformations and default hosts. Practical SSRF detection often relies on dynamic testing with out‑of‑band interaction monitors that observe whether crafted URLs cause the application to reach callback servers, an approach that is less accessible to purely code‑based review but nonetheless relevant for triage decisions. Benchmarks that combine SSRF with other vulnerabilities, such as template injection leading to SSRF escalation, illustrate that SSRF often appears in composite exploit chains rather than isolation. [intigriti](https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-pdf-generators-a-complete-guide-to-finding-ssrf-vulnerabilities-in-pdf-generators)
-**Strengths & limitations.** SSRF detection via static analysis is feasible when outbound request APIs are used sparsely and the relationship between user input and request target is direct, but becomes more difficult when URLs are constructed via helper functions or configuration layers, or when input passes through sanitization functions that analyzers cannot semantically interpret. Distinguishing benign proxy or redirect functionalities from exploitable SSRF requires contextual knowledge about network topology and accessible internal services, which code‑only tools generally lack. Automated reviewers can therefore reliably surface candidate SSRF patterns but cannot alone estimate the full impact without environmental information, something threat modelling in §4.10 addresses conceptually. [techscience](https://www.techscience.com/cmc/v64n3/39444)
-### 4.5 Server‑side template injection (SSTI)
-**Theory & mechanism.** Server‑side template injection occurs when untrusted input is incorporated directly into template definitions that are later rendered by a server‑side template engine, thereby allowing attackers to execute arbitrary template expressions and, in many engines, arbitrary code. Template engines such as Jinja2, Twig, Freemarker, or various Java expression languages often provide rich expression syntax that can access object attributes, call methods, or import modules, which transforms seemingly innocuous text formatting into a code execution surface when control characters and delimiters are attacker‑controlled. The mechanism differs from mere HTML injection because evaluation occurs on the server before the resulting HTML is sent to clients, enabling direct interaction with sensitive server resources. [confluence.atlassian](https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html)
-PortSwigger’s work on SSTI shows that patterns such as `render("Hello " + username)` in which `username` is attacker‑controlled and concatenated into a template string allow simple fuzzing payloads like `${7*7}` to reveal evaluation by returning computed rather than literal values. High‑profile advisories, for example Atlassian’s CVE‑2023‑22527 affecting out‑of‑date Confluence servers, illustrate that template injection vulnerabilities can permit unauthenticated remote code execution in widely deployed enterprise systems when template parameters are derived from untrusted HTTP parameters. In Python ecosystems, unsafe use of Jinja2’s `Template` with untrusted template strings, or disabling sandboxing features, exemplifies similar mechanisms. [portswigger](https://portswigger.net/web-security/server-side-template-injection)
-**Literature evidence.** PortSwigger’s initial conference work and subsequent Web Security Academy modules systematize SSTI as a distinct vulnerability class, describing both detection methodology and exploitation primitives for multiple template engines. Vendor security advisories on template injection, such as Atlassian’s Confluence bulletin, document real‑world impact, including unauthenticated remote code execution, which demonstrates that such issues extend beyond demonstration laboratories. Additional practitioner analyses describe escalation paths where apparently minor HTML or template manipulation vulnerabilities lead to SSRF, local file disclosure, or full code execution, underscoring SSTI’s compositional severity. [intigriti](https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-pdf-generators-a-complete-guide-to-finding-ssrf-vulnerabilities-in-pdf-generators)
-**Implementations & benchmarks.** Static analysis can highlight uses of template engine APIs that compile or render templates from strings derived partially or wholly from user input, particularly where helper functions convert request fields directly into template bodies or fragments. However, because template engines differ widely in syntax and sandboxing features, analyzers often resort to heuristic identification of dynamic template sources rather than full interpretation of template language semantics. Real‑world CVEs and training labs provide concrete samples that can seed detection rules, but there is limited systematic benchmarking of SSTI coverage compared with SQL injection or XSS. [confluence.atlassian](https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html)
-**Strengths & limitations.** SSTI lends itself to code review because vulnerable patterns often appear as explicit concatenations of untrusted data into template strings or as configuration flags that disable sandboxing, yet precise assessment of exploitability can depend on template engine configuration and available gadgets in the runtime environment. Automated detection may over‑approximate risk when untrusted input is merely interpolated into data fields within templates rather than evaluated as code, although research suggests that template expression languages often blur this distinction. As a result, automated tools can flag high‑risk patterns reliably, but estimating whether a particular SSTI is reachable and exploitable frequently requires targeted testing or manual reasoning. [intigriti](https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-pdf-generators-a-complete-guide-to-finding-ssrf-vulnerabilities-in-pdf-generators)
-### 4.6 Hardcoded secrets and configuration leakage
-**Theory & mechanism.** Hardcoded secrets arise when sensitive credentials, such as API keys, access tokens, passwords, or private keys, are embedded directly in source code, configuration files, or test fixtures that are stored in version control, copied into container images, or otherwise distributed with the application. This pattern expands the attack surface because compromise of the code repository, CI logs, or build artifacts yields immediate credential exposure, and because version control history frequently preserves secrets even after developers remove them from current revisions. Typical examples include lines like `password = "P@ssw0rd"` in a Python module, `apiToken: 'abcd...'` in a TypeScript configuration, or committed `.env` files that include database connection strings and JWT signing keys. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)
-Empirical studies based on GitHub telemetry report millions of leaked secrets annually, with GitGuardian’s monitoring indicating sharp year‑over‑year increases and diverse credential types ranging from database passwords to cloud provider keys. Research prototypes such as SecretBench and AssetHarvester build benchmarks and static analysis techniques for detecting secrets and associating them with assets, while RiskHarvester explores risk‑based prioritization of secret removal given the abundance of findings and developers’ limited capacity. OWASP’s Secrets Management cheat sheet and DevSecOps guidelines further describe practices for managing secrets outside code, scanning repositories, and using CI/CD pipelines and dedicated secret stores to handle key distribution. [arxiv](https://arxiv.org/pdf/2502.01020.pdf)
-**Literature evidence.** SecretBench documents the construction of a labeled dataset of software secrets, including patterns and contexts, to support evaluation of detection tools, and quantifies the prevalence of different secret types in public codebases. Subsequent work on secret management practices synthesizes industrial approaches and notes that even sophisticated teams encounter challenges balancing developer convenience, security controls, and operational complexity when adopting secret management solutions. OWASP’s Non‑Human Identities Top 10 project identifies secret leakage as a core risk, reporting that a substantial fraction of organizations store secrets either in environment variables or directly in application code, thereby formalizing this concern beyond ad‑hoc anecdotes. [arxiv](https://arxiv.org/pdf/2208.11280.pdf)
-**Implementations & benchmarks.** Numerous open‑source and commercial tools perform pattern‑ and entropy‑based scanning of repositories and CI pipelines, leveraging regular expressions for known key formats, statistical models for high‑entropy strings, and heuristics for variable names like `password` or `token`. Benchmarks like SecretBench and RiskBench provide ground‑truth datasets against which secret detection tools can be evaluated for precision and recall, enabling more rigorous comparison than anecdotal case studies. Developer‑oriented educational content, such as tutorials on eliminating hardcoded secrets in Python and using `.env` files and ignore rules, illustrates common pitfalls around committing configuration files and clarifies the distinct roles of development convenience and production‑grade secret management. [arxiv](http://arxiv.org/pdf/2403.19072.pdf)
-**Strengths & limitations.** Secret detection via static analysis scales well because many secrets exhibit recognizable formats or statistical properties, and scanning can be integrated into pre‑commit hooks or CI pipelines with relatively low overhead. However, high false positive rates for high‑entropy values and context‑sensitive decisions about what constitutes a secret can lead to developer fatigue, which recent research on risk‑based prioritization explicitly attempts to address. Automated review tools can reliably highlight hardcoded constants and committed `.env` files, yet distinguishing test scaffolding, fake keys, or intentionally embedded public values from exploitable credentials often requires additional metadata or human judgement. [arxiv](http://arxiv.org/pdf/2008.05997.pdf)
-### 4.7 Broken access control and IDOR
-**Theory & mechanism.** Broken access control refers to discrepancies between intended authorization policies and actual enforcement, including missing checks, inconsistent role mappings, and insecure direct object references in which user‑supplied identifiers control access to resources without adequate verification. Mechanistically, this class encompasses route handlers or controller methods that omit authorization middleware, backends that trust client‑asserted roles or user identifiers, and APIs that expose object IDs without verifying ownership or permissions on subsequent requests. JS/TS frameworks like Express or NestJS and Python frameworks like Django or FastAPI typically provide hooks for applying guards or decorators at route or controller level, and defects appear when these hooks are absent, misconfigured, or inconsistently applied. [owasp](https://owasp.org/Top10/2021/A01_2021-Broken_Access_Control/)
-OWASP’s Top 10 positions broken access control as the leading web risk, citing data indicating that the overwhelming majority of assessed applications exhibit some form of access control weakness, including exposure of sensitive information and elevation of privileges. A detailed OWASP entry enumerates common examples, such as parameter tampering to access other users’ records, missing access controls on modification operations like POST or DELETE, misuse of JSON Web Tokens (JWTs), and CORS misconfigurations that enable cross‑origin access to restricted APIs. Recent academic surveys of broken access control detection for web applications and mobile APIs corroborate that these issues remain widespread and difficult to eliminate systematically. [arxiv](https://arxiv.org/pdf/2310.14137.pdf)
-**Literature evidence.** Surveys focusing on broken access control document a variety of detection techniques, from static pattern checking of authorization middleware usage to dynamic analysis of API behavior under crafted requests that attempt privilege escalation. A recent modular analysis of mobile application APIs reports that easily exploitable broken access control vulnerabilities appear in over half of examined applications, often enabling exfiltration of sensitive personal and credential data. OWASP’s 2021 and 2025 Broken Access Control materials consolidate community insights into specific CWEs, including insecure direct object references, incorrect authorization, and exposure of private personal information to unauthorized actors. [ijece.iaescore](https://ijece.iaescore.com/index.php/IJECE/article/download/33835/17135)
-**Implementations & benchmarks.** Static analysis approaches often attempt to verify that protected routes or controllers consistently include authorization checks, for example by enforcing that certain decorators or middleware functions appear on all endpoints under specified paths, or that sensitive operations call guard functions. Model‑driven approaches use security patterns or formal specifications to verify access control properties at design time, although such approaches require significant upfront modeling effort that many agile teams may not undertake. Benchmarks in research settings build synthetic or semi‑synthetic applications with known access control flaws to evaluate detection techniques, while industry penetration testing engagements generate empirical but often proprietary evidence. [downloads.hindawi](https://downloads.hindawi.com/journals/wcmc/2022/1657627.pdf)
-**Strengths & limitations.** Static detection of missing authorization is inherently challenging because correct behavior depends on application‑specific policies, and the absence of an authorization call does not always imply a vulnerability when endpoints serve only public data. Nonetheless, automated review tools can identify suspicious patterns, such as direct use of user‑controlled identifiers in database queries without ownership checks, or endpoints that modify sensitive resources yet bypass common guard middleware used elsewhere in the codebase. Dynamic testing and specialized access control analysis tools can validate suspected issues more definitively, albeit at higher cost and with dependencies on test data and environment fidelity. [owasp](https://owasp.org/Top10/2021/A01_2021-Broken_Access_Control/)
-### 4.8 Sensitive data in logs, error messages, URLs, and APIs
-**Theory & mechanism.** Sensitive data exposure through observability and API design arises when personally identifiable information, authentication credentials, tokens, or internal configuration details appear in logs, verbose error responses, URLs, or unnecessarily broad API payloads. Mechanistically, this can occur when applications append entire request bodies or headers to logs, construct detailed stack traces and database error messages for client consumption, embed tokens or email addresses in query parameters, or serialize backend entities into API responses without filtering out fields not required by clients. Because logs and URLs may traverse multiple systems, including reverse proxies, monitoring tools, and browser history, such exposure increases the number of potential adversary viewpoints. [owasp](https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url)
-OWASP specifically describes information exposure through query strings in URLs, noting that sensitive parameters such as usernames, authentication tokens, and one‑time passwords can appear in server logs, referrer headers, browser caches, and shared infrastructure regardless of TLS usage. OWASP’s Logging cheat sheet acknowledges that logs often contain personal and technical secrets, and therefore requires careful data selection, de‑identification, and sanitization, as well as access control on log stores themselves. Practitioner resources illustrate real incidents where error messages exposing database connection strings, including usernames and passwords, were used by attackers to escalate access and compromise underlying data stores. [learn.snyk](https://learn.snyk.io/lesson/error-message-with-sensitive-information/)
-**Literature evidence.** OWASP and CWE documents covering improper error handling and information exposure (for example CWE‑209) catalog conditions under which detailed error diagnostics leak sensitive data, and discuss associated risks and potential mitigations. Educational articles from security vendors elaborate these risks by presenting case studies in which error messages containing connection strings or stack traces facilitated subsequent injection or privilege escalation attacks. Broader privacy and logging guidance stresses the need for pseudonymization, field‑level control, and strict separation of operational observability from user‑identifiable records. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Cheat_Sheet.html)
-**Implementations & benchmarks.** Automated code review tools can search for patterns where logging calls receive unfiltered request objects, headers, or exceptions, as well as for format strings that explicitly reference fields like `password`, `Authorization`, or `token`. They can also identify explicit concatenation of sensitive parameters into URLs and inspect router definitions that include PII in path parameters or query strings, particularly in JS/TS routing libraries and Python frameworks like Django or FastAPI. Benchmarking remains relatively ad hoc, though test applications designed for training often include intentionally verbose error handling and logging configurations that can serve as detection testbeds. [owasp](https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url)
-**Strengths & limitations.** Static matching of sensitive field names and logging APIs scales well but can miss exposures when sensitive values are obfuscated or when data flows into custom logging abstractions that tools cannot easily model. Conversely, many logging statements that mention generic variables may not actually contain sensitive data, which complicates automated triage and requires additional context about data types or threat models. For URLs and API responses, automated tools can detect the presence of fields likely to contain PII or secrets but cannot, without additional policies, distinguish between acceptable uses (for example business‑required identifiers) and avoidable exposure that organizations might prefer to reduce for compliance or security reasons. [stackhawk](https://www.stackhawk.com/blog/sensitive-information-disclosure/)
-### 4.9 Vulnerable and outdated components
-**Theory & mechanism.** Vulnerable and outdated components represent cases where applications depend on libraries, frameworks, runtimes, or infrastructure with known vulnerabilities documented in CVE databases, including both direct and transitive dependencies. Mechanistically, these vulnerabilities propagate into an application when code invokes affected library functions or when the mere presence of a component exposes exploitable surfaces, such as embedded web consoles or default administrative interfaces. JavaScript and Python ecosystems exemplify this risk because applications often declare dozens or hundreds of dependencies in package manifests, while transitive dependency trees introduce relationships that developers may not consciously manage. [blog.securelayer7](https://blog.securelayer7.net/a06-vulnerable-outdated-components/)
-OWASP’s A06:2021 entry describes multiple conditions that increase risk from components, including lack of version awareness, use of unsupported software, infrequent vulnerability scanning, delayed patching, and absent compatibility testing of updates. Practitioner materials elaborate that outdated components, such as old WordPress plugins, npm packages with unpatched CVEs, or vulnerable API frameworks, can be exploited directly, even when application code itself appears benign, and recommend maintaining an inventory and performing regular scans. Software lineage research further shows how vulnerable code propagates across repositories through copying and reuse, including cases where vulnerabilities persist despite upstream fixes due to decoupled update cycles. [aiqamonkey](https://aiqamonkey.com/blog/owasp-top-10-explained.php)
-**Literature evidence.** OWASP’s documentation on vulnerable and outdated components synthesizes community experience and incorporates data from large vulnerability datasets, emphasizing that many exploited issues fall into this category. Additional articles from security vendors and researchers describe root causes, such as lack of component version documentation and infrequent scanning, and identify CWEs like CWE‑1104 and CWE‑937 that capture unmaintained and known‑vulnerable component usage. Recent tutorials and guides discuss practical tools, including npm audit for Node.js and pip‑audit or Safety for Python, which interface with vulnerability databases to provide actionable inventories of at‑risk packages. [blog.securelayer7](https://blog.securelayer7.net/a06-vulnerable-outdated-components/)
-**Implementations & benchmarks.** Software composition analysis (SCA) tools parse manifest files, lockfiles, and sometimes container images to build a dependency graph, then correlate identified versions with CVE databases or curated advisories. In JavaScript ecosystems, `npm audit` and related ecosystem tools generate vulnerability reports for installed packages, while Python equivalents like `pip-audit` and `safety check` serve similar functions, and higher‑level platforms integrate these checks into CI/CD pipelines. Research on tracing vulnerable code lineage uses infrastructures such as World of Code to detect reuse of vulnerable files across large code collections, thereby quantifying propagation beyond what manifest‑based analyses capture. [arxiv](https://arxiv.org/pdf/2103.12304.pdf)
-**Strengths & limitations.** Dependency vulnerability detection scales well in terms of enumeration, since querying CVE databases for known component versions is straightforward once an accurate inventory exists, but mapping CVEs to actual application risk remains non‑trivial. Many vulnerabilities may affect optional code paths or features not enabled in a given project, and naive reliance on severity scores alone can overwhelm developers with low‑impact alerts, thereby complicating triage. Automated review tools that surface SCA findings can therefore enrich threat modelling (§4.10) but cannot themselves determine which vulnerable components constitute P0 emergencies versus P2 or P3 hygiene tasks without additional context. [aiqamonkey](https://aiqamonkey.com/blog/owasp-top-10-explained.php)
-### 4.10 Threat modelling, severity classification, and escalation
-**Theory & mechanism.** Threat modelling in the context of an automated review assistant involves identifying assets (for example user data, credentials, internal services), adversary capabilities, and trust boundaries within a typical JS/TS and Python web architecture, then mapping detected code patterns into potential attack paths aligned with OWASP categories. Severity classification structures this mapping into discrete tiers, such as P0 through P3, that reflect combinations of impact (for example data exfiltration, remote code execution, privilege escalation) and exploit likelihood given the exposed interfaces and mitigations. Triage logic determines when a detected issue warrants escalation to specialist security review versus annotation as a lower‑priority finding within developer tooling, an important function when automated analyses generate large volumes of alerts. [arxiv](https://arxiv.org/pdf/2405.01103.pdf)
-OWASP’s Top Ten and associated projects provide a risk‑based framing that can inform such classification, although they stop short of prescribing a universal severity mapping; organizations typically adapt OWASP categories to internal risk matrices that consider regulatory obligations and asset criticality. Recent work on integrating static analysers with large language models, such as LLMSecGuard, explores combining rule‑based detection with learned reasoning to triage and explain findings, which suggests potential future paths for automated assistants to perform more nuanced threat modelling and severity assignment. Research in secret detection and asset association similarly highlights the value of coupling raw findings with context about affected assets to prioritize remediation when resources are constrained. [arxiv](https://arxiv.org/pdf/2502.01020.pdf)
-**Literature evidence.** The OWASP DevSecOps guideline and related materials discuss integrating security checks, including secrets detection, dependency scanning, and static analysis, into CI/CD pipelines, implicitly requiring threat models that determine which findings block builds and which are logged for later resolution. LLMSecGuard explicitly investigates the security properties of code generated by language models and proposes a framework that leverages both static tools and LLMs to improve security, documenting limitations of current models in precise vulnerability reasoning. Studies on secret leakage prioritization, such as RiskHarvester and AssetHarvester, formalize risk scoring that accounts for associated assets and data sensitivity, providing concrete examples of triage‑oriented modelling beyond simple pattern detection. [owasp](https://owasp.org/www-project-devsecops-guideline/latest/01a-Secrets-Management)
-**Implementations & benchmarks.** In practical tooling, P0 often denotes vulnerabilities enabling unauthenticated remote code execution, direct credential compromise, or broad unauthorized data access, P1 denotes high‑impact but authenticated or constrained exploits, P2 captures medium‑impact or harder‑to‑exploit issues, and P3 represents informational or hardening opportunities, although nomenclature varies by organization. Automated review systems can map SQL injection, command injection, severe SSTI, and high‑impact broken access control findings into P0 or P1 classes when evidence suggests reachable exploitation, while mapping logging misconfigurations, minor information exposures, or low‑impact dependency vulnerabilities into P2 or P3 tiers. Benchmarks for such classification are currently sparse, though emerging evaluations of LLM‑assisted security tools begin to treat severity labelling accuracy as a metric. [arxiv](https://arxiv.org/pdf/2405.01103.pdf)
-**Strengths & limitations.** Structured threat modelling and severity classification allow automated review tools to present findings in a manner aligned with organizational risk tolerances, facilitating consistent escalation and decision‑making, but these structures rely on accurate assumptions about deployment environments and attacker models that code alone rarely reveals. Automated severity assignment may over‑ or under‑estimate impact when environmental compensating controls, such as network segmentation, web application firewalls, or data minimization, substantially alter risk, or when subtle business logic elevates the importance of seemingly minor issues. As a result, automated assistants can support but not replace human threat modelling, and research continues on how to incorporate contextual signals, such as asset classification and data sensitivity, into automated severity reasoning. [arxiv](http://arxiv.org/pdf/2403.19072.pdf)
-## 5. Comparative Synthesis
-**Table 2: Cross‑cutting characteristics of approaches**
-| ID   | Approach                                           | Guidance maturity | Static detection complexity | Automated scalability | Typical exploit impact                                      | Evidence quality |
-|------|----------------------------------------------------|-------------------|-----------------------------|-----------------------|-------------------------------------------------------------|------------------|
-| 4.1  | SQL injection and ORM misuse                       | High [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)          | Medium [techscience](https://www.techscience.com/cmc/v64n3/39444)                     | High [techscience](https://www.techscience.com/cmc/v64n3/39444)                 | Data exfiltration, auth bypass, RCE in some DBs [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)  | High [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)          |
-| 4.2  | Command injection and shell interaction            | Medium [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)        | Low–medium [techscience](https://www.techscience.com/cmc/v64n3/39444)                 | High [techscience](https://www.techscience.com/cmc/v64n3/39444)                 | RCE with process privileges [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)                      | Medium [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)        |
-| 4.3  | Cross‑site scripting (XSS)                         | High [owasp](https://owasp.org/Top10/2021/)          | Medium–high [techscience](https://www.techscience.com/cmc/v64n3/39444)                | Medium [techscience](https://www.techscience.com/cmc/v64n3/39444)               | Session theft, DOM defacement, CSRF facilitation [owasp](https://owasp.org/www-project-top-ten/) | High [owasp](https://owasp.org/www-project-top-ten/)          |
-| 4.4  | Server‑side request forgery (SSRF)                 | Medium [owasp](https://owasp.org/Top10/2021/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/)        | Medium [techscience](https://www.techscience.com/cmc/v64n3/39444)                     | Medium [techscience](https://www.techscience.com/cmc/v64n3/39444)               | Internal network access, metadata theft [owasp](https://owasp.org/Top10/2021/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/)         | Medium [owasp](https://owasp.org/Top10/2021/A10_2021-Server-Side_Request_Forgery_%28SSRF%29/)        |
-| 4.5  | Server‑side template injection (SSTI)              | Medium [portswigger](https://portswigger.net/web-security/server-side-template-injection)        | Medium [techscience](https://www.techscience.com/cmc/v64n3/39444)                     | Medium [techscience](https://www.techscience.com/cmc/v64n3/39444)               | Often RCE, SSRF, data exfiltration [portswigger](https://portswigger.net/web-security/server-side-template-injection)              | Medium [portswigger](https://portswigger.net/web-security/server-side-template-injection)        |
-| 4.6  | Hardcoded secrets and configuration leakage        | High [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)          | Low [owasp](https://owasp.org/www-project-devsecops-guideline/latest/01a-Secrets-Management)                        | High [owasp](https://owasp.org/www-project-devsecops-guideline/latest/01a-Secrets-Management)                 | Credential compromise, lateral movement [arxiv](https://arxiv.org/pdf/2303.06729.pdf)         | High [arxiv](https://arxiv.org/pdf/2303.06729.pdf)          |
-| 4.7  | Broken access control and IDOR                     | High [owasp](https://owasp.org/Top10/2021/A01_2021-Broken_Access_Control/)          | High [ijece.iaescore](https://ijece.iaescore.com/index.php/IJECE/article/download/33835/17135)                       | Medium [ijece.iaescore](https://ijece.iaescore.com/index.php/IJECE/article/download/33835/17135)               | Unauthorized data access, privilege escalation [owasp](https://owasp.org/Top10/2021/A01_2021-Broken_Access_Control/)  | High [ijece.iaescore](https://ijece.iaescore.com/index.php/IJECE/article/download/33835/17135)          |
-| 4.8  | Sensitive data in logs, errors, URLs, and APIs     | Medium [owasp](https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url)        | Medium [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Cheat_Sheet.html)                     | High [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Cheat_Sheet.html)                 | PII leakage, token exposure, reconnaissance [owasp](https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url)     | Medium [owasp](https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url)        |
-| 4.9  | Vulnerable and outdated components                 | High [owasp](https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/)          | Low [owasp](https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/)                        | High [owasp](https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/)                 | Varies: RCE, data breaches, DoS [owasp](https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/)                 | High [owasp](https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/)          |
-| 4.10 | Threat modelling, severity classification, triage  | Emerging [arxiv](https://arxiv.org/pdf/2405.01103.pdf)      | High [ijece.iaescore](https://ijece.iaescore.com/index.php/IJECE/article/download/33835/17135)                       | Medium [arxiv](https://arxiv.org/pdf/2405.01103.pdf)               | Indirect, shapes prioritization of all above [owasp](https://owasp.org/Top10/2021/)    | Medium [arxiv](https://arxiv.org/pdf/2405.01103.pdf)        |
-The table reveals that guidance maturity is highest for long‑studied categories like SQL injection, XSS, and vulnerable components, whereas threat modelling and automated triage remain comparatively less standardized despite growing research attention. Static detection complexity and automated scalability vary markedly, with hardcoded secrets and vulnerable components lending themselves to broad automated coverage, while broken access control and nuanced data exposure require more contextual reasoning and therefore exhibit higher complexity and lower fully automated scalability. Impact profiles differ as well, since some categories, such as SSTI and command injection, frequently enable immediate remote code execution, while others, such as logging misconfigurations or low‑impact dependency issues, contribute primarily to information leakage or incremental attack surface rather than single‑step catastrophic compromise. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)
-## 6. Open Problems & Gaps
-- Automated reasoning about access control semantics. Existing tools struggle to infer intended authorization policies from route structure and business requirements, leading either to under‑reporting of subtle broken access control issues or to over‑reporting when endpoints legitimately serve public data; resolving this gap would likely require richer specification mechanisms, improved taint and control‑flow analysis, and integration with design‑time artefacts. [ijece.iaescore](https://ijece.iaescore.com/index.php/IJECE/article/download/33835/17135)
-- Context‑aware secret detection and prioritization. While entropy‑ and pattern‑based scanning scales effectively, large organizations now face an abundance of secret‑related findings and limited capacity to remediate, which has motivated research into risk‑based prioritization that considers asset context and sensitivity but remains at an early stage; advancing this area would involve better asset discovery, classification, and linkage between code artefacts and runtime environments. [arxiv](https://arxiv.org/pdf/2303.06729.pdf)
-- Mapping dependency vulnerabilities to application‑level risk. Software composition analysis can enumerate CVEs affecting an application’s direct and transitive dependencies, yet practitioners still lack robust methodologies for determining how many of these vulnerabilities meaningfully affect their specific deployments, particularly when features are unused or protected by additional layers; research on vulnerable code lineage and component usage analysis suggests directions but has not yet converged on widely adopted practices. [owasp](https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/)
-- Quantifying and controlling observability‑driven data exposure. Guidelines on logging and error handling acknowledge the tension between rich diagnostics and privacy or security needs, but there is limited empirical work quantifying how often logs and error messages contribute to real incidents, or how different redaction and pseudonymization strategies affect incident response effectiveness; addressing this gap would require joint studies by security and observability communities. [learn.snyk](https://learn.snyk.io/lesson/error-message-with-sensitive-information/)
-- Evaluating and hardening LLM‑assisted code generation and review. Early frameworks such as LLMSecGuard document both the potential and the limitations of large language models in detecting and preventing vulnerabilities, yet comprehensive benchmarks that measure security posture of LLM‑generated code and accuracy of LLM‑assisted triage across the full taxonomy are still emerging; further work is needed to characterize failure modes and to integrate formal guarantees where feasible. [arxiv](https://arxiv.org/pdf/2311.10450.pdf)
-## 7. Conclusion
-The landscape surveyed here demonstrates that a relatively small set of structural vulnerability classes recurs across JS/TS and Python web projects, including injection into interpreters, mismanagement of secrets, broken access control, observability‑driven data exposure, and dependency‑level weaknesses, each with distinctive code‑level signatures and associated detection challenges. Long‑studied categories such as SQL injection and XSS benefit from mature guidance and widely implemented detection patterns, while emerging or composite risks such as SSRF, SSTI, and complex access control failures continue to generate high‑impact incidents despite increasing awareness. [owasp](https://owasp.org/Top10/2021/)
-Automated code review assistants operate within this landscape by surfacing syntactic and structural indicators for each class, leveraging static analysis, taint tracking, pattern matching, and software composition analysis to detect many issues at scale, while leaving others, particularly those requiring deep semantic or contextual reasoning, for dynamic testing or human analysis. Threat modelling and severity classification frameworks, informed by OWASP categories and recent research on LLM‑augmented security tooling, provide mechanisms for organizing these findings into prioritized views, though substantial open problems remain around context sensitivity, risk quantification, and integration with organizational processes. Consequently, the survey documents a field where foundational patterns are well understood, but where evolving architectures, tooling, and development practices continually create new opportunities and challenges for both attackers and defenders. [arxiv](http://arxiv.org/pdf/2303.12340.pdf)
-## References
-An OWASP Top Ten Driven Survey on Web Application Protection Methods, 2020, TechRxiv preprint, https://www.techrxiv.org/articles/preprint/An_OWASP_Top_Ten_Driven_Survey_on_Web_Application_Protection_Methods/13265180. [techrxiv](https://www.techrxiv.org/articles/preprint/An_OWASP_Top_Ten_Driven_Survey_on_Web_Application_Protection_Methods/13265180/files/25545929.pdf)
-An Approach for Verification of Secure Access Control Using Security Pattern, 2022, Wireless Communications and Mobile Computing (Hindawi), https://downloads.hindawi.com/journals/wcmc/2022/1657627.pdf. [downloads.hindawi](https://downloads.hindawi.com/journals/wcmc/2022/1657627.pdf)
-AssetHarvester: A Static Analysis Tool for Detecting Secret‑Asset Pairs in Software Artifacts, 2024, arXiv preprint, http://arxiv.org/pdf/2403.19072.pdf. [arxiv](http://arxiv.org/pdf/2403.19072.pdf)
-A06:2021 – Vulnerable and Outdated Components, 2021, OWASP, https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/. [owasp](https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/)
-A06 – Vulnerable and Outdated Components, 2025, SecureLayer7 Blog, https://blog.securelayer7.net/a06-vulnerable-outdated-components/. [blog.securelayer7](https://blog.securelayer7.net/a06-vulnerable-outdated-components/)
-A01:2021 Broken Access Control, 2021, OWASP, https://owasp.org/Top10/2021/A01_2021-Broken_Access_Control/. [owasp](https://owasp.org/Top10/2021/A01_2021-Broken_Access_Control/)
-A01:2025 Broken Access Control, 2025, OWASP, https://owasp.org/Top10/2025/A01_2025-Broken_Access_Control/. [owasp](https://owasp.org/Top10/2025/A01_2025-Broken_Access_Control/)
-CCIS: Logging Cheat Sheet, 2009, OWASP Cheat Sheet Series, https://cheatsheetseries.owasp.org/cheatsheets/Logging_Cheat_Sheet.html. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Cheat_Sheet.html)
-CVE‑2023‑22527 – RCE (Remote Code Execution) Vulnerability in Confluence Data Center and Server, 2024, Atlassian Security Advisory, https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-c. [confluence.atlassian](https://confluence.atlassian.com/security/cve-2023-22527-rce-remote-code-execution-vulnerability-in-confluence-data-center-and-confluence-server-1333990257.html)
-Developing a Secure Web Application Using OWASP Guidelines, 2009, Computer and Information Science, https://ccsenet.org/journal/index.php/cis/article/download/4279/3726. [ccsenet](https://ccsenet.org/journal/index.php/cis/article/download/4279/3726)
-Exploiting PDF generators: A Complete Guide to Finding SSRF Vulnerabilities, 2025, Intigriti Blog, https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-pdf-generators-a-complete-guide-to-finding-ssrf-vulnerabilit. [intigriti](https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-pdf-generators-a-complete-guide-to-finding-ssrf-vulnerabilities-in-pdf-generators)
-Hardcoded Secrets | Tutorial and Examples, 2025, Snyk Learn, https://learn.snyk.io/lesson/hardcoded-secrets/. [learn.snyk](https://learn.snyk.io/lesson/hardcoded-secrets/)
-Information Exposure Through Query Strings in URL, 2017, OWASP Community, https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url. [owasp](https://owasp.org/www-community/vulnerabilities/Information_exposure_through_query_strings_in_url)
-Injection Prevention Cheat Sheet, 2010s, OWASP Cheat Sheet Series, https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Injection_Prevention_Cheat_Sheet.html)
-LLM Security Guard for Code, 2024, arXiv preprint, https://arxiv.org/pdf/2405.01103.pdf. [arxiv](https://arxiv.org/pdf/2405.01103.pdf)
-NHI2:2025 Secret Leakage, 2025, OWASP Non‑Human Identities Top 10, https://owasp.org/www-project-non-human-identities-top-10/2025/2-secret-leakage/. [owasp](https://owasp.org/www-project-non-human-identities-top-10/2025/2-secret-leakage/)
-OWASP DevSecOps Guideline – Secrets Management, 2016, OWASP, https://owasp.org/www-project-devsecops-guideline/latest/01a-Secrets-Management. [owasp](https://owasp.org/www-project-devsecops-guideline/latest/01a-Secrets-Management)
-OWASP Top Ten:2021, 2021, OWASP, https://owasp.org/Top10/2021/. [owasp](https://owasp.org/Top10/2021/)
-OWASP Top Ten Web Application Security Risks, 2021, OWASP, https://owasp.org/www-project-top-ten/. [owasp](https://owasp.org/www-project-top-ten/)
-Query Parameterization Cheat Sheet, 2016, OWASP Cheat Sheet Series, https://cheatsheetseries.owasp.org/cheatsheets/Query_Parameterization_Cheat_Sheet.html. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Query_Parameterization_Cheat_Sheet.html)
-RiskHarvester: A Risk‑based Tool to Prioritize Secret Removal Efforts in Software Artifacts, 2025, arXiv preprint, https://arxiv.org/pdf/2502.01020.pdf. [arxiv](https://arxiv.org/pdf/2502.01020.pdf)
-SecretBench: A Dataset of Software Secrets, 2023, arXiv preprint, https://arxiv.org/pdf/2303.06729.pdf. [arxiv](https://arxiv.org/pdf/2303.06729.pdf)
-Secrets Management Cheat Sheet, 2021, OWASP Cheat Sheet Series, https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html. [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)
-Server‑Side Template Injection: RCE for the Modern Web App, 2010s, PortSwigger Web Security Academy, https://portswigger.net/web-security/server-side-template-injection. [portswigger](https://portswigger.net/web-security/server-side-template-injection)
-Sniffing for Codebase Secret Leaks with Known Production Secrets in Industry, 2020, arXiv preprint, http://arxiv.org/pdf/2008.05997.pdf. [arxiv](http://arxiv.org/pdf/2008.05997.pdf)
-Survey on Detecting and Preventing Web Application Broken Access Control Attacks, 2024, Indonesian Journal of Electrical Engineering and Computer Science, https://ijece.iaescore.com/index.php/IJECE/article/download/33835/17135. [ijece.iaescore](https://ijece.iaescore.com/index.php/IJECE/article/download/33835/17135)
-Tracing Vulnerable Code Lineage, 2021, MSR Hackathon Paper, https://arxiv.org/pdf/2103.12304.pdf. [arxiv](https://arxiv.org/pdf/2103.12304.pdf)
-Vulnerabilities and Prevention Methods: Android Mobile Applications, 2021, IEEE Access, https://ieeexplore.ieee.org/document/9773615/. [ieeexplore.ieee](https://ieeexplore.ieee.org/document/9773615/)
-What Are the Practices for Secret Management in Software Artifacts?, 2022, arXiv preprint, https://arxiv.org/pdf/2208.11280.pdf. [arxiv](https://arxiv.org/pdf/2208.11280.pdf)
-What Is the Risk of Error Messages with Sensitive Information?, 2025, Snyk Learn, https://learn.snyk.io/lesson/error-message-with-sensitive-information/. [learn.snyk](https://learn.snyk.io/lesson/error-message-with-sensitive-information/)
-What Are Hardcoded Secrets? Risks & Best Practices, 2025, Apiiro Glossary, https://apiiro.com/glossary/hardcoded-secrets/. [apiiro](https://apiiro.com/glossary/hardcoded-secrets/)
-Why Broken Access Control Still Dominates the OWASP Top 10, 2026, Auth0 Blog, https://auth0.com/blog/why-broken-access-control-still-dominates-owasp-top-10/. [auth0](https://auth0.com/blog/why-broken-access-control-still-dominates-owasp-top-10/)
-You’ve Leaked a Secret in Your Git Repository – Now What?, 2025, Dev.to, https://dev.to/chriswinnen/youve-leaked-a-secret-in-your-git-repository-now-what-2od6. [dev](https://dev.to/chriswinnen/youve-leaked-a-secret-in-your-git-repository-now-what-2od6)
-You’ve Leaked a Secret in Your Git Repository – Overlooked Threats to DevOps, 2025, Pentera Blog, https://pentera.io/blog/git-repo-security-exposed-secrets/. [pentera](https://pentera.io/blog/git-repo-security-exposed-secrets/)
-OWASP A06 – Vulnerable and Outdated Components (Fix Commands), 2026, Aiqamonkey Blog, https://aiqamonkey.com/blog/owasp-top-10-explained.php. [aiqamonkey](https://aiqamonkey.com/blog/owasp-top-10-explained.php)
-Tales from the Git: Automating the Detection of Secrets on Code and Assessing Developers’ Password Choices, 2023, arXiv preprint, https://arxiv.org/pdf/2307.00892.pdf. [arxiv](https://arxiv.org/pdf/2307.00892.pdf)
-## Practitioner Resources
-- OWASP Cheat Sheet Series – SQL Injection Prevention, https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html (consolidated language‑agnostic and language‑specific guidance on structuring parameterized queries and input validation). [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/SQL_Injection_Prevention_Cheat_Sheet.html)
-- OWASP Cheat Sheet Series – Secrets Management, https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html (practical patterns for externalizing secrets, integrating with CI/CD, and avoiding hardcoded credentials in code). [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Secrets_Management_Cheat_Sheet.html)
-- OWASP Logging Cheat Sheet, https://cheatsheetseries.owasp.org/cheatsheets/Logging_Cheat_Sheet.html (operational guidance on logging design that balances forensic value with data minimization and resistance to log‑focused attacks). [cheatsheetseries.owasp](https://cheatsheetseries.owasp.org/cheatsheets/Logging_Cheat_Sheet.html)
-- PortSwigger Web Security Academy – SSTI and XSS Labs, https://portswigger.net/web-security (interactive labs demonstrating exploitation and detection of server‑side template injection, XSS, and related classes in realistic web applications). [portswigger](https://portswigger.net/web-security/server-side-template-injection)
-- SecretBench Dataset and Tools, https://arxiv.org/pdf/2303.06729.pdf (benchmark corpus and associated artefacts for evaluating and improving secret detection tools in codebases). [arxiv](https://arxiv.org/pdf/2303.06729.pdf)
-- npm audit and Related SCA Tools, https://owasp.org/Top10/2021/A06_2021-Vulnerable_and_Outdated_Components/ (ecosystem tooling for enumerating vulnerable and outdated components in JavaScript and Python projects, with integration paths into CI pipelines). [aiqamonkey](https://aiqamonkey.com/blog/owasp-top-10-explained.php)
-- LLMSecGuard Framework, https://arxiv.org/pdf/2405.01103.pdf (open‑source framework combining static analyzers and large language models to study and enhance code security properties in AI‑assisted development workflows). [arxiv](https://arxiv.org/pdf/2405.01103.pdf)
-- OWASP DevSecOps Guideline – Secrets in Repositories, https://owasp.org/www-project-devsecops-guideline/latest/01a-Secrets-Management (concrete examples and tools, such as git‑secrets and truffleHog, for scanning repositories and preventing secret introduction at commit time). [owasp](https://owasp.org/www-project-devsecops-guideline/latest/01a-Secrets-Management)