# File lib/brakeman/checks/check_sanitize_methods.rb, line 42 def check_for_cve method, code, link tracker.find_call(:target => false, :method => method).each do |result| next if duplicate? result add_result result message = msg(msg_version(rails_version), " has a vulnerability in ", msg_code(method), ". Upgrade to ", msg_version(@fix_version), " or patch") warn :result => result, :warning_type => "Cross-Site Scripting", :warning_code => code, :message => message, :confidence => :high, :link_path => link end end