# File lib/brakeman/checks/check_simple_format.rb, line 45 def warn_on_simple_format result, match return unless original? result @found_any = true warn :result => result, :warning_type => "Cross-Site Scripting", :warning_code => :CVE_2013_6416_call, :message => msg("Values passed to ", msg_code("simple_format"), " are not safe in ", msg_version(rails_version)), :confidence => :high, :link_path => "https://groups.google.com/d/msg/ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ", :user_input => match end