# File lib/brakeman/checks/check_sanitize_methods.rb, line 71
  def check_cve_2018_8048
    if loofah_vulnerable_cve_2018_8048?
      message = msg(msg_version(tracker.config.gem_version(:loofah), "loofah gem"), " is vulnerable (CVE-2018-8048). Upgrade to 2.1.2")

      if tracker.find_call(:target => false, :method => :sanitize).any?
        confidence = :high
      else
        confidence = :medium
      end

      warn :warning_type => "Cross-Site Scripting",
        :warning_code => :CVE_2018_8048,
        :message => message,
        :gem_info => gemfile_or_environment(:loofah),
        :confidence => confidence,
        :link_path => "https://github.com/flavorjones/loofah/issues/144"
    end
  end