
Suppress or fix non-double escape phan-taint-check warnings for MW core
Open, Normal, Public

Description

As the first step to getting phan-taint-check running on MW core, we need to get rid of the false (and true!) positives in MW core.

As a first step, ignore the double escaping warnings, to make this task more manageable. (We can exclude those warnings in the initial deployment to the build process.)

Event Timeline

Bawolff created this task. Feb 17 2019, 10:09 AM

Change 462839 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/core@master] Avoid rawParams() in Special:Emailuser

https://gerrit.wikimedia.org/r/462839

Change 491035 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/core@master] Make addIdentifierQuotes part of IDatabase

https://gerrit.wikimedia.org/r/491035

Aklapper renamed this task from Suppress or fix non-doubke escape phan-taint-check warnings for MW core to Suppress or fix non-double escape phan-taint-check warnings for MW core. Feb 17 2019, 11:07 AM

Change 491036 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/core@master] Make Special:Version escape extension names that aren't links

https://gerrit.wikimedia.org/r/491036

Change 491037 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/core@master] Do not use raw html for Special:ProtectedPages drop-down messages

https://gerrit.wikimedia.org/r/491037

Change 491038 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/core@master] Use htmlspecialchars() not htmlentities in xml export for validity

https://gerrit.wikimedia.org/r/491038

Change 491039 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/core@master] Various fixes to Block.php to make phan-taint-check happy

https://gerrit.wikimedia.org/r/491039

Change 491040 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/core@master] Various fixes to make phan-taint-check happier

https://gerrit.wikimedia.org/r/491040

Change 491041 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/core@master] Various fixes to make phan-taint-check happier

https://gerrit.wikimedia.org/r/491041

Change 491042 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/core@master] Various fixes for phan-taint-check

https://gerrit.wikimedia.org/r/491042

Change 491043 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/core@master] Various fixes for phan-taint-check

https://gerrit.wikimedia.org/r/491043

Change 462839 merged by jenkins-bot:
[mediawiki/core@master] Avoid rawParams() in Special:Emailuser

https://gerrit.wikimedia.org/r/462839

Change 491037 merged by jenkins-bot:
[mediawiki/core@master] Do not use raw html for Special:ProtectedPages drop-down messages

https://gerrit.wikimedia.org/r/491037

Change 491042 merged by jenkins-bot:
[mediawiki/core@master] Various fixes for phan-taint-check

https://gerrit.wikimedia.org/r/491042

Change 491041 merged by jenkins-bot:
[mediawiki/core@master] Various fixes to make phan-taint-check happier

https://gerrit.wikimedia.org/r/491041

Change 491038 merged by jenkins-bot:
[mediawiki/core@master] Use htmlspecialchars() not htmlentities in xml export for validity

https://gerrit.wikimedia.org/r/491038

Change 491043 merged by jenkins-bot:
[mediawiki/core@master] Various fixes for phan-taint-check

https://gerrit.wikimedia.org/r/491043

Change 491040 merged by jenkins-bot:
[mediawiki/core@master] Various fixes to make phan-taint-check happier

https://gerrit.wikimedia.org/r/491040

Change 491035 merged by jenkins-bot:
[mediawiki/core@master] Make addIdentifierQuotes part of IDatabase

https://gerrit.wikimedia.org/r/491035

Change 491036 had a related patch set uploaded (by Krinkle; owner: Brian Wolff):
[mediawiki/core@master] Make Special:Version escape extension names that aren't links

https://gerrit.wikimedia.org/r/491036

Change 491036 merged by jenkins-bot:
[mediawiki/core@master] Make Special:Version escape extension names that aren't links

https://gerrit.wikimedia.org/r/491036

Krinkle moved this task from Inbox to Checkers on the MediaWiki-Core-Testing board. Apr 8 2019, 6:02 PM
Daimona added a subscriber: Daimona. Edited May 15 2019, 5:22 PM

I checked with 2.x, and we have 64 DoubleEscaped of a total of 512 warnings, so they're not really a problem. I'll sample a few warnings and check how many false positives I got. If there are too many, it may be worth fixing taint-check first (if the fix is easy), then start working on core as soon as a future version (not 2.0) is released.

EDIT: And apparently some of them are false positives. I'll check how we can fix those. ATM I cannot compare the results with seccheck master due to system incompatibility, so I'm wondering, is there an error count available for taint-check master?

Daimona added a comment. Edited May 19 2019, 11:48 AM

> I checked with 2.x, and we have 64 DoubleEscaped of a total of 512 warnings

After having fixed some other regressions, running https://gerrit.wikimedia.org/r/#/c/mediawiki/tools/phan/SecurityCheckPlugin/+/507619/ on core yields 218 DoubleEscaped warnings and 249 total warnings. I'll look into the remaining issues.

sbassett changed the task status from Open to Stalled. Jun 26 2019, 7:21 PM
sbassett triaged this task as Normal priority.
sbassett added a subscriber: sbassett.

@Daimona - with r/507619 being merged, do we need to keep this task open? If there are remaining issues, do we want to break those out into other tasks?

@sbassett Great question! I think we need the final error count with seccheck 2.x. Individual tasks will probably be the right choice once we get a limited amount of different errors.

Change 522419 had a related patch set uploaded (by Daimona Eaytoy; owner: Daimona Eaytoy):
[mediawiki/core@master] [WIP] Add phan-taint-check-plugin

https://gerrit.wikimedia.org/r/522419

Daimona changed the task status from Stalled to Open. Jul 12 2019, 11:50 AM

Let's see how many things we have to fix, and whether to open separate tasks.

Daimona added a comment. Edited Jul 15 2019, 11:20 AM

Current warnings list is here:

<?xml version="1.0" encoding="ISO-8859-15"?>
<checkstyle version="6.5">
  <file name="includes/CategoryViewer.php">
    <error line="184" severity="warning" message="Calling method \CategoryViewer::generateLink() in \CategoryViewer::addSubcategoryObject that outputs using tainted argument $[arg #4]. (Caused by: includes/CategoryViewer.php +203)" source="SecurityCheck-DoubleEscaped"/>
    <error line="416" severity="warning" message="Calling method \CategoryViewer::formatList() in \CategoryViewer::getSubcategorySection that outputs using tainted argument $[arg #2]. (Caused by: includes/CategoryViewer.php +534) (Caused by: includes/CategoryViewer.php +191; includes/CategoryViewer.php +275)" source="SecurityCheck-DoubleEscaped"/>
    <error line="446" severity="warning" message="Calling method \CategoryViewer::formatList() in \CategoryViewer::getPagesSection that outputs using tainted argument $[arg #2]. (Caused by: includes/CategoryViewer.php +534) (Caused by: includes/CategoryViewer.php +268; includes/CategoryViewer.php +279)" source="SecurityCheck-DoubleEscaped"/>
    <error line="474" severity="warning" message="Calling method \CategoryViewer::formatList() in \CategoryViewer::getImageSection that outputs using tainted argument $[arg #2]. (Caused by: includes/CategoryViewer.php +534) (Caused by: includes/CategoryViewer.php +253; includes/CategoryViewer.php +283)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/Linker.php">
    <error line="858" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/Linker.php +858)" source="SecurityCheck-DoubleEscaped"/>
    <error line="1760" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/Linker.php +1760)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/OutputPage.php">
    <error line="2561" severity="warning" message="Echoing expression that was not html escaped (Caused by: includes/OutputPage.php +1573; includes/OutputPage.php +1551; includes/OutputPage.php +1560; includes/OutputPage.php +1939; includes/OutputPage.php +2653; includes/OutputPage.php +3960; includes/OutputPage.php +2843; includes/OutputPage.php +2730; i...)" source="SecurityCheck-XSS"/>
    <error line="3165" severity="warning" message="Calling method \ResourceLoader::makeConfigSetScript() in \OutputPage::getBottomScripts that outputs using tainted argument $[arg #1]. (Caused by: includes/resourceloader/ResourceLoader.php +1537) (Caused by: includes/OutputPage.php +1890)" source="SecurityCheck-DoubleEscaped"/>
    <error line="3166" severity="warning" message="Calling method \ResourceLoader::makeConfigSetScript() in \OutputPage::getBottomScripts that outputs using tainted argument $[arg #1]. (Caused by: includes/resourceloader/ResourceLoader.php +1537) (Caused by: includes/OutputPage.php +1890)" source="SecurityCheck-DoubleEscaped"/>
    <error line="3816" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/OutputPage.php +3812)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/Rest/ResponseFactory.php">
    <error line="234" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/Rest/ResponseFactory.php +234)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/actions/HistoryAction.php">
    <error line="415" severity="warning" message="Calling method \FeedItem::__construct() in \HistoryAction::feedEmpty that outputs using tainted argument $[arg #2]. (Caused by: includes/changes/FeedItem.php +145) (Caused by: Builtin-\Message::parseAsBlock; includes/language/Message.php +981)" source="SecurityCheck-DoubleEscaped"/>
    <error line="457" severity="warning" message="Calling method \FeedItem::__construct() in \HistoryAction::feedItem that outputs using tainted argument $text. (Caused by: includes/changes/FeedItem.php +145) (Caused by: includes/actions/HistoryAction.php +436)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/actions/RawAction.php">
    <error line="127" severity="warning" message="Calling method \HttpError::__construct() in \RawAction::onView that outputs using tainted argument $msg. (Caused by: includes/exception/HttpError.php +122) (Caused by: includes/actions/RawAction.php +126)" source="SecurityCheck-DoubleEscaped"/>
    <error line="152" severity="warning" message="Calling method \HttpError::__construct() in \RawAction::onView that outputs using tainted argument $[arg #2]. (Caused by: includes/exception/HttpError.php +122) (Caused by: includes/GlobalFunctions.php +1270)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/api/ApiCSPReport.php">
    <error line="188" severity="warning" message="Calling method \ApiCSPReport::error() in \ApiCSPReport::getReport that outputs using tainted argument $msg. (Caused by: includes/api/ApiCSPReport.php +252) (Caused by: includes/api/ApiCSPReport.php +184)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/api/ApiFeedContributions.php">
    <error line="148" severity="warning" message="Calling method \FeedItem::__construct() in \ApiFeedContributions::feedItem that outputs using tainted argument $[arg #2]. (Caused by: includes/changes/FeedItem.php +145) (Caused by: includes/api/ApiFeedContributions.php +197; includes/api/ApiFeedContributions.php +177)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/api/ApiFeedWatchlist.php">
    <error line="157" severity="warning" message="Calling method \FeedItem::__construct() in \ApiFeedWatchlist::execute that outputs using tainted argument $errorTitle. (Caused by: includes/changes/FeedItem.php +119) (Caused by: includes/api/ApiFeedWatchlist.php +155)" source="SecurityCheck-DoubleEscaped"/>
    <error line="164" severity="warning" message="Calling method \FeedItem::__construct() in \ApiFeedWatchlist::execute that outputs using tainted argument $errorTitle. (Caused by: includes/changes/FeedItem.php +119) (Caused by: includes/api/ApiFeedWatchlist.php +162)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/api/ApiFormatJson.php">
    <error line="112" severity="warning" message="Calling method \ApiFormatJson::printText() in \ApiFormatJson::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/api/ApiFormatJson.php +112; includes/api/ApiFormatJson.php +109)" source="SecurityCheck-XSS"/>
  </file>
  <file name="includes/api/ApiHelp.php">
    <error line="293" severity="warning" message="Calling method \Html::element() in \ApiHelp::getHelpInternal that outputs using tainted argument $headerContent. (Caused by: Builtin-\Html::element) (Caused by: includes/api/ApiHelp.php +269; includes/api/ApiHelp.php +293)" source="SecurityCheck-DoubleEscaped"/>
    <error line="571" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/api/ApiHelp.php +571)" source="SecurityCheck-DoubleEscaped"/>
    <error line="807" severity="warning" message="Calling method \Html::element() in \ApiHelp::getHelpInternal that outputs using tainted argument $[arg #2]. (Caused by: Builtin-\Html::element) (Caused by: includes/api/ApiHelp.php +317; includes/api/ApiHelp.php +808; includes/api/ApiHelp.php +807)" source="SecurityCheck-DoubleEscaped"/>
    <error line="808" severity="warning" message="Calling method \Html::element() in \ApiHelp::getHelpInternal that outputs using tainted argument $[arg #2]. (Caused by: Builtin-\Html::element) (Caused by: includes/api/ApiHelp.php +317; includes/api/ApiHelp.php +808)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/api/ApiQueryBacklinks.php">
    <error line="450" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/api/ApiQueryBacklinks.php +173; includes/api/ApiQueryBacklinks.php +295; includes/api/ApiQueryBacklinks.php +250; includes/api/ApiQueryBacklinks.php +294; includes/api/ApiQueryBacklinks.php +287)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/block/DatabaseBlock.php">
    <error line="321" severity="error" message="Calling method \Wikimedia\Rdbms\Database::select() in \MediaWiki\Block\DatabaseBlock::newLoad that outputs using tainted argument $conds. (Caused by: Builtin-\Wikimedia\Rdbms\Database::select) (Caused by: includes/block/DatabaseBlock.php +299; includes/block/DatabaseBlock.php +295; includes/block/DatabaseBlock.php +303; includes/block/DatabaseBlock.php +305; includes/block/DatabaseBlock.php +310; includes/block/DatabaseBlock.php +312)" source="SecurityCheck-SQLInjection"/>
  </file>
  <file name="includes/changes/ChangesFeed.php">
    <error line="115" severity="warning" message="Calling method \FeedItem::__construct() in \ChangesFeed::buildItems that outputs using tainted argument $[arg #5]. (Caused by: includes/changes/FeedItem.php +182) (Caused by: Builtin-\Message::escaped; includes/language/Message.php +994)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/changes/EnhancedChangesList.php">
    <error line="756" severity="warning" message="Calling method \Html::rawElement() in \EnhancedChangesList::recentChangesBlockLine that outputs using tainted argument $[arg #2]. (Caused by: Builtin-\Html::rawElement) (Caused by: includes/changes/EnhancedChangesList.php +755)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/changes/FeedItem.php">
    <error line="119" severity="warning" message="Calling method \FeedItem::xmlEncode() in \FeedItem::getTitle that outputs using tainted argument $[arg #1]. (Caused by: includes/changes/FeedItem.php +78) (Caused by: includes/changes/FeedItem.php +119; includes/api/ApiFeedContributions.php +148; includes/changes/ChangesFeed.php +115; includes/api/ApiFeedWatchlist.php +157)" source="SecurityCheck-DoubleEscaped"/>
    <error line="119" severity="warning" message="Calling method \FeedItem::xmlEncode() in \FeedItem::getTitle that outputs using tainted argument $[arg #1]. (Caused by: includes/changes/FeedItem.php +78) (Caused by: includes/changes/FeedItem.php +119; includes/api/ApiFeedContributions.php +148; includes/changes/ChangesFeed.php +115; includes/api/ApiFeedWatchlist.php +157; includes/api/ApiFeedWatchlist.php +164; includes/actions/HistoryAction.php +457)" source="SecurityCheck-DoubleEscaped"/>
    <error line="119" severity="warning" message="Calling method \FeedItem::xmlEncode() in \FeedItem::getTitle that outputs using tainted argument $[arg #1]. (Caused by: includes/changes/FeedItem.php +78) (Caused by: includes/changes/FeedItem.php +119; includes/api/ApiFeedContributions.php +148; includes/changes/ChangesFeed.php +115; includes/api/ApiFeedWatchlist.php +157; includes/api/ApiFeedWatchlist.php +164; includes/actions/HistoryAction.php +457; includes/...)" source="SecurityCheck-DoubleEscaped"/>
    <error line="145" severity="warning" message="Calling method \FeedItem::xmlEncode() in \FeedItem::getDescription that outputs using tainted argument $[arg #1]. (Caused by: includes/changes/FeedItem.php +78) (Caused by: includes/api/ApiFeedContributions.php +148; includes/changes/FeedItem.php +145)" source="SecurityCheck-DoubleEscaped"/>
    <error line="145" severity="warning" message="Calling method \FeedItem::xmlEncode() in \FeedItem::getDescription that outputs using tainted argument $[arg #1]. (Caused by: includes/changes/FeedItem.php +78) (Caused by: includes/api/ApiFeedContributions.php +148; includes/changes/FeedItem.php +145; includes/actions/HistoryAction.php +457)" source="SecurityCheck-DoubleEscaped"/>
    <error line="145" severity="warning" message="Calling method \FeedItem::xmlEncode() in \FeedItem::getDescription that outputs using tainted argument $[arg #1]. (Caused by: includes/changes/FeedItem.php +78) (Caused by: includes/api/ApiFeedContributions.php +148; includes/changes/FeedItem.php +145; includes/actions/HistoryAction.php +457; includes/actions/HistoryAction.php +415)" source="SecurityCheck-DoubleEscaped"/>
    <error line="145" severity="warning" message="Calling method \FeedItem::xmlEncode() in \FeedItem::getDescription that outputs using tainted argument $[arg #1]. (Caused by: includes/changes/FeedItem.php +78) (Caused by: includes/api/ApiFeedContributions.php +148; includes/changes/FeedItem.php +145; includes/actions/HistoryAction.php +457; includes/actions/HistoryAction.php +415; includes/specials/SpecialNewpages.php +490)" source="SecurityCheck-DoubleEscaped"/>
    <error line="182" severity="warning" message="Calling method \FeedItem::xmlEncode() in \FeedItem::getAuthor that outputs using tainted argument $[arg #1]. (Caused by: includes/changes/FeedItem.php +78) (Caused by: includes/changes/FeedItem.php +182; includes/changes/ChangesFeed.php +115)" source="SecurityCheck-DoubleEscaped"/>
    <error line="182" severity="warning" message="Calling method \FeedItem::xmlEncode() in \FeedItem::getAuthor that outputs using tainted argument $[arg #1]. (Caused by: includes/changes/FeedItem.php +78) (Caused by: includes/changes/FeedItem.php +182; includes/changes/ChangesFeed.php +115; includes/specials/SpecialNewpages.php +490)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/exception/HttpError.php">
    <error line="122" severity="warning" message="Calling method \htmlspecialchars() in \HttpError::getHTML that outputs using tainted argument $[arg #1]. (Caused by: includes/exception/HttpError.php +122; includes/actions/RawAction.php +127)" source="SecurityCheck-DoubleEscaped"/>
    <error line="122" severity="warning" message="Calling method \htmlspecialchars() in \HttpError::getHTML that outputs using tainted argument $[arg #1]. (Caused by: includes/exception/HttpError.php +122; includes/actions/RawAction.php +127; includes/actions/RawAction.php +152; includes/linkeddata/PageDataRequestHandler.php +75; includes/linkeddata/PageDataRequestHandler.php +92; includes/linkeddata/PageDataRequ...)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/htmlform/fields/HTMLFormFieldCloner.php">
    <error line="391" severity="warning" message="Calling method \Html::rawElement() in \HTMLFormFieldCloner::getInputHTML that outputs using tainted argument $[arg #2]. (Caused by: Builtin-\Html::rawElement) (Caused by: includes/htmlform/fields/HTMLFormFieldCloner.php +390)" source="SecurityCheck-DoubleEscaped"/>
    <error line="471" severity="warning" message="Calling method \Html::rawElement() in \HTMLFormFieldCloner::getInputOOUI that outputs using tainted argument $[arg #2]. (Caused by: Builtin-\Html::rawElement) (Caused by: includes/htmlform/fields/HTMLFormFieldCloner.php +470)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/installer/DatabaseInstaller.php">
    <error line="643" severity="warning" message="Calling method \DatabaseInstaller::getPasswordBox() in \DatabaseInstaller::getInstallUserBox that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/DatabaseInstaller.php +545) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="643" severity="warning" message="Calling method \DatabaseInstaller::getTextBox() in \DatabaseInstaller::getInstallUserBox that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/DatabaseInstaller.php +518) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="645" severity="warning" message="Calling method \DatabaseInstaller::getTextBox() in \DatabaseInstaller::getInstallUserBox that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/DatabaseInstaller.php +518) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="651" severity="warning" message="Calling method \DatabaseInstaller::getPasswordBox() in \DatabaseInstaller::getInstallUserBox that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/DatabaseInstaller.php +545) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/installer/DatabaseUpdater.php">
    <error line="227" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/installer/DatabaseUpdater.php +227)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/installer/MssqlInstaller.php">
    <error line="92" severity="warning" message="Calling method \MssqlInstaller::getPasswordBox() in \MssqlInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="92" severity="warning" message="Calling method \MssqlInstaller::getRadioSet() in \MssqlInstaller::getConnectForm that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="92" severity="warning" message="Calling method \MssqlInstaller::getTextBox() in \MssqlInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="100" severity="warning" message="Calling method \MssqlInstaller::getTextBox() in \MssqlInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="102" severity="warning" message="Calling method \MssqlInstaller::getTextBox() in \MssqlInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="104" severity="warning" message="Calling method \MssqlInstaller::getTextBox() in \MssqlInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="109" severity="warning" message="Calling method \MssqlInstaller::getRadioSet() in \MssqlInstaller::getConnectForm that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="127" severity="warning" message="Calling method \MssqlInstaller::getTextBox() in \MssqlInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="133" severity="warning" message="Calling method \MssqlInstaller::getPasswordBox() in \MssqlInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="325" severity="error" message="Calling method \Wikimedia\Rdbms\Database::query() in \MssqlInstaller::canCreateAccounts that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\Wikimedia\Rdbms\Database::query)" source="SecurityCheck-SQLInjection"/>
    <error line="368" severity="warning" message="Calling method \MssqlInstaller::getRadioSet() in \MssqlInstaller::getSettingsForm that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="375" severity="warning" message="Calling method \MssqlInstaller::getRadioSet() in \MssqlInstaller::getSettingsForm that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/installer/MysqlInstaller.php">
    <error line="82" severity="warning" message="Calling method \MysqlInstaller::getTextBox() in \MysqlInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="90" severity="warning" message="Calling method \MysqlInstaller::getTextBox() in \MysqlInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="92" severity="warning" message="Calling method \MysqlInstaller::getTextBox() in \MysqlInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/installer/OracleInstaller.php">
    <error line="67" severity="warning" message="Calling method \OracleInstaller::getTextBox() in \OracleInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="77" severity="warning" message="Calling method \OracleInstaller::getTextBox() in \OracleInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/installer/PostgresInstaller.php">
    <error line="64" severity="warning" message="Calling method \PostgresInstaller::getTextBox() in \PostgresInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="73" severity="warning" message="Calling method \PostgresInstaller::getTextBox() in \PostgresInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="79" severity="warning" message="Calling method \PostgresInstaller::getTextBox() in \PostgresInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/installer/PostgresUpdater.php">
    <error line="1071" severity="error" message="Calling method \Wikimedia\Rdbms\DatabasePostgres::query() in \PostgresUpdater::dropFkey that outputs using tainted argument $command. (Caused by: Builtin-\Wikimedia\Rdbms\Database::query) (Caused by: includes/installer/PostgresUpdater.php +1070; includes/installer/PostgresUpdater.php +1066; includes/installer/PostgresUpdater.php +1062; includes/installer/PostgresUpdater.php +1068)" source="SecurityCheck-SQLInjection"/>
    <error line="1093" severity="error" message="Calling method \Wikimedia\Rdbms\DatabasePostgres::query() in \PostgresUpdater::changeFkeyDeferrable that outputs using tainted argument $command. (Caused by: Builtin-\Wikimedia\Rdbms\Database::query) (Caused by: includes/installer/PostgresUpdater.php +1092; includes/installer/PostgresUpdater.php +1089; includes/installer/PostgresUpdater.php +1080; includes/installer/PostgresUpdater.php +1088)" source="SecurityCheck-SQLInjection"/>
  </file>
  <file name="includes/installer/SqliteInstaller.php">
    <error line="88" severity="warning" message="Calling method \SqliteInstaller::getTextBox() in \SqliteInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/DatabaseInstaller.php +518) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="93" severity="warning" message="Calling method \SqliteInstaller::getTextBox() in \SqliteInstaller::getConnectForm that outputs using tainted argument $[arg #4]. (Caused by: includes/installer/DatabaseInstaller.php +518) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
  </file>
  <file name="includes/installer/WebInstallerName.php">
    <error line="58" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="58" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932) (Caused by: includes/installer/WebInstaller.php +692; includes/installer/WebInstallerName.php +56)" source="SecurityCheck-DoubleEscaped"/>
    <error line="58" severity="warning" message="Calling method \WebInstaller::getRadioSet() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +970) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="58" severity="warning" message="Calling method \WebInstaller::getTextBox() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +805) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="59" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="59" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932) (Caused by: includes/installer/WebInstaller.php +692; includes/installer/WebInstallerName.php +56)" source="SecurityCheck-DoubleEscaped"/>
    <error line="59" severity="warning" message="Calling method \WebInstaller::getRadioSet() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +970) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="59" severity="warning" message="Calling method \WebInstaller::getTextBox() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +805) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="67" severity="warning" message="Calling method \WebInstaller::getRadioSet() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +970) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="82" severity="warning" message="Calling method \WebInstaller::getTextBox() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +805) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="95" severity="warning" message="Calling method \WebInstaller::getTextBox() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +805) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
    <error line="103" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
138 <error line="108" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerName::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932) (Caused by: includes/installer/WebInstaller.php +692; includes/installer/WebInstallerName.php +56)" source="SecurityCheck-DoubleEscaped"/>
139 </file>
140 <file name="includes/installer/WebInstallerOptions.php">
141 <error line="127" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932; includes/installer/WebInstallerName.php +58) (Caused by: includes/installer/WebInstallerOptions.php +125; includes/installer/WebInstallerOptions.php +121) (1092280 &amp;lt;- 567976)" source="SecurityCheckMulti"/>
142 <error line="128" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932; includes/installer/WebInstallerName.php +58) (Caused by: includes/installer/WebInstallerOptions.php +125; includes/installer/WebInstallerOptions.php +121) (1092280 &amp;lt;- 567976)" source="SecurityCheckMulti"/>
143 <error line="129" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932; includes/installer/WebInstallerName.php +58) (Caused by: includes/installer/WebInstallerOptions.php +125; includes/installer/WebInstallerOptions.php +121) (1092280 &amp;lt;- 567976)" source="SecurityCheckMulti"/>
144 <error line="145" severity="warning" message="Calling method \WebInstallerOptions::addHTML() in \WebInstallerOptions::execute that outputs using tainted argument $skinHtml. (Caused by: includes/installer/WebInstallerOptions.php +108; includes/installer/WebInstallerOptions.php +127; includes/installer/WebInstallerOptions.php +114; includes/installer/WebInstallerOptions.php +138; includes/installer/WebInstallerOptions.php +143; incl...)" source="SecurityCheck-XSS"/>
145 <error line="246" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932; includes/installer/WebInstallerName.php +58) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
146 <error line="246" severity="warning" message="Calling method \WebInstaller::getTextBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +805) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
147 <error line="248" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932; includes/installer/WebInstallerName.php +58) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
148 <error line="248" severity="warning" message="Calling method \WebInstaller::getTextBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +805) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
149 <error line="249" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932; includes/installer/WebInstallerName.php +58) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
150 <error line="256" severity="warning" message="Calling method \WebInstaller::getTextBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +805) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
151 <error line="263" severity="warning" message="Calling method \WebInstaller::getTextBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +805) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
152 <error line="270" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932; includes/installer/WebInstallerName.php +58) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
153 <error line="271" severity="warning" message="Calling method \WebInstaller::getCheckBox() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +934; includes/installer/WebInstaller.php +932; includes/installer/WebInstallerName.php +58) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
154 <error line="298" severity="warning" message="Calling method \WebInstaller::getTextArea() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +852) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
155 <error line="300" severity="warning" message="Calling method \WebInstaller::getTextArea() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +852) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
156 <error line="314" severity="warning" message="Calling method \WebInstaller::getTextArea() in \WebInstallerOptions::execute that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstaller.php +852) (Caused by: includes/installer/WebInstaller.php +692)" source="SecurityCheck-DoubleEscaped"/>
157 </file>
158 <file name="includes/jobqueue/utils/BacklinkJobUtils.php">
159 <error line="102" severity="error" message="Calling method \BacklinkCache::partition() in \BacklinkJobUtils::partitionBacklinkJob that outputs using tainted argument $[arg #1]. (Caused by: includes/cache/BacklinkCache.php +441) (Caused by: includes/jobqueue/utils/BacklinkJobUtils.php +90)" source="SecurityCheck-SQLInjection"/>
160 <error line="112" severity="error" message="Calling method \BacklinkCache::getLinks() in \BacklinkJobUtils::partitionBacklinkJob that outputs using tainted argument $[arg #1]. (Caused by: includes/cache/BacklinkCache.php +172) (Caused by: includes/jobqueue/utils/BacklinkJobUtils.php +90)" source="SecurityCheck-SQLInjection"/>
161 </file>
162 <file name="includes/language/Message.php">
163 <error line="1396" severity="warning" message="Calling method \Message::extractParam() in \Message::formatListParam that outputs using tainted argument $[arg #1]. (Caused by: includes/language/Message.php +1204)" source="SecurityCheck-DoubleEscaped"/>
164 <error line="1396" severity="warning" message="Calling method \Message::extractParam() in \Message::formatListParam that outputs using tainted argument $[arg #1]. (Caused by: includes/language/Message.php +1204; includes/language/Message.php +1245)" source="SecurityCheck-DoubleEscaped"/>
165 </file>
166 <file name="includes/libs/rdbms/database/DatabasePostgres.php">
167 <error line="874" severity="error" message="Calling method \Wikimedia\Rdbms\DatabasePostgres::query() in \Wikimedia\Rdbms\DatabasePostgres::resetSequenceForTable that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\Wikimedia\Rdbms\Database::query)" source="SecurityCheck-SQLInjection"/>
168 </file>
169 <file name="includes/linkeddata/PageDataRequestHandler.php">
170 <error line="75" severity="warning" message="Calling method \HttpError::__construct() in \PageDataRequestHandler::handleRequest that outputs using tainted argument $[arg #2]. (Caused by: includes/exception/HttpError.php +122) (Caused by: includes/GlobalFunctions.php +1270)" source="SecurityCheck-DoubleEscaped"/>
171 <error line="92" severity="warning" message="Calling method \HttpError::__construct() in \PageDataRequestHandler::handleRequest that outputs using tainted argument $[arg #2]. (Caused by: includes/exception/HttpError.php +122) (Caused by: includes/GlobalFunctions.php +1270; includes/linkeddata/PageDataRequestHandler.php +84)" source="SecurityCheck-DoubleEscaped"/>
172 <error line="98" severity="warning" message="Calling method \HttpError::__construct() in \PageDataRequestHandler::handleRequest that outputs using tainted argument $[arg #2]. (Caused by: includes/exception/HttpError.php +122) (Caused by: includes/GlobalFunctions.php +1270; includes/linkeddata/PageDataRequestHandler.php +84; includes/linkeddata/PageDataRequestHandler.php +96)" source="SecurityCheck-DoubleEscaped"/>
173 <error line="147" severity="warning" message="Calling method \HttpError::__construct() in \PageDataRequestHandler::httpContentNegotiation that outputs using tainted argument $msg. (Caused by: includes/exception/HttpError.php +122) (Caused by: includes/linkeddata/PageDataRequestHandler.php +146)" source="SecurityCheck-DoubleEscaped"/>
174 </file>
175 <file name="includes/logging/BlockLogFormatter.php">
176 <error line="74" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/logging/BlockLogFormatter.php +32; includes/logging/BlockLogFormatter.php +59)" source="SecurityCheck-DoubleEscaped"/>
177 </file>
178 <file name="includes/media/ExifBitmapHandler.php">
179 <error line="66" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/media/ExifBitmapHandler.php +44; includes/media/ExifBitmapHandler.php +58; includes/media/ExifBitmapHandler.php +67; includes/media/ExifBitmapHandler.php +66) (1049600 &amp;lt;- 567976)" source="SecurityCheckMulti"/>
180 </file>
181 <file name="includes/media/FormatMetadata.php">
182 <error line="164" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/media/FormatMetadata.php +164)" source="SecurityCheck-DoubleEscaped"/>
183 <error line="941" severity="warning" message="Calling method \htmlspecialchars() in \FormatMetadata::makeFormattedData that outputs using tainted argument $val. (Caused by: includes/media/FormatMetadata.php +168; includes/media/FormatMetadata.php +183; includes/media/FormatMetadata.php +205; includes/media/FormatMetadata.php +223; includes/media/FormatMetadata.php +235; includes/media/FormatMetadata.php +248; includes/...)" source="SecurityCheck-DoubleEscaped"/>
184 <error line="952" severity="warning" message="Calling method \htmlspecialchars() in \FormatMetadata::makeFormattedData that outputs using tainted argument $val. (Caused by: includes/media/FormatMetadata.php +168; includes/media/FormatMetadata.php +183; includes/media/FormatMetadata.php +205; includes/media/FormatMetadata.php +223; includes/media/FormatMetadata.php +235; includes/media/FormatMetadata.php +248; includes/...)" source="SecurityCheck-DoubleEscaped"/>
185 <error line="974" severity="warning" message="Calling method \htmlspecialchars() in \FormatMetadata::makeFormattedData that outputs using tainted argument $[arg #1]. (Caused by: includes/media/FormatMetadata.php +168; includes/media/FormatMetadata.php +183; includes/media/FormatMetadata.php +205; includes/media/FormatMetadata.php +223; includes/media/FormatMetadata.php +235; includes/media/FormatMetadata.php +248; includes/...)" source="SecurityCheck-DoubleEscaped"/>
186 </file>
187 <file name="includes/page/ImagePage.php">
188 <error line="165" severity="warning" message="Calling method \OutputPage::addHTML() in \ImagePage::view that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: includes/page/ImagePage.php +725; includes/page/ImagePage.php +701)" source="SecurityCheck-XSS"/>
189 </file>
190 <file name="includes/parser/PPFrame_DOM.php">
191 <error line="127" severity="warning" message="Calling method \wfEscapeWikiText() in \PPFrame_DOM::newChild that outputs using tainted argument $name. (Caused by: includes/GlobalFunctions.php +1549) (Caused by: includes/parser/PPFrame_DOM.php +125)" source="SecurityCheck-DoubleEscaped"/>
192 <error line="130" severity="warning" message="Calling method \wfEscapeWikiText() in \PPFrame_DOM::newChild that outputs using tainted argument $name. (Caused by: includes/GlobalFunctions.php +1549) (Caused by: includes/parser/PPFrame_DOM.php +125)" source="SecurityCheck-DoubleEscaped"/>
193 </file>
194 <file name="includes/parser/PPFrame_Hash.php">
195 <error line="119" severity="warning" message="Calling method \wfEscapeWikiText() in \PPFrame_Hash::newChild that outputs using tainted argument $name. (Caused by: includes/GlobalFunctions.php +1549) (Caused by: includes/parser/PPFrame_Hash.php +117)" source="SecurityCheck-DoubleEscaped"/>
196 <error line="122" severity="warning" message="Calling method \wfEscapeWikiText() in \PPFrame_Hash::newChild that outputs using tainted argument $name. (Caused by: includes/GlobalFunctions.php +1549) (Caused by: includes/parser/PPFrame_Hash.php +117)" source="SecurityCheck-DoubleEscaped"/>
197 </file>
198 <file name="includes/parser/Parser.php">
199 <error line="555" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Parser.php +555)" source="SecurityCheck-DoubleEscaped"/>
200 <error line="762" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Parser.php +762)" source="SecurityCheck-DoubleEscaped"/>
201 <error line="1428" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Parser.php +1428)" source="SecurityCheck-DoubleEscaped"/>
202 <error line="1442" severity="warning" message="Calling method \Parser::doTableStuff() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1449) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442)" source="SecurityCheck-DoubleEscaped"/>
203 <error line="1442" severity="warning" message="Calling method \Parser::doTableStuff() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1449) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442)" source="SecurityCheck-DoubleEscaped"/>
204 <error line="1442" severity="warning" message="Calling method \Parser::doTableStuff() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1449) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442)" source="SecurityCheck-DoubleEscaped"/>
205 <error line="1442" severity="warning" message="Calling method \Parser::doTableStuff() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1449) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442)" source="SecurityCheck-DoubleEscaped"/>
206 <error line="1449" severity="warning" message="Calling method \Parser::replaceInternalLinks() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +2239) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442; includes/parser/Parser.php +1444; includes/pa...)" source="SecurityCheck-DoubleEscaped"/>
207 <error line="1449" severity="warning" message="Calling method \Parser::replaceInternalLinks() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +2239) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442; includes/parser/Parser.php +1444; includes/parser/Parser.php +1449)" source="SecurityCheck-DoubleEscaped"/>
208 <error line="1449" severity="warning" message="Calling method \Parser::replaceInternalLinks() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +2239) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442; includes/parser/Parser.php +1444; includes/parser/Parser.php +1449)" source="SecurityCheck-DoubleEscaped"/>
209 <error line="1449" severity="warning" message="Calling method \Parser::replaceInternalLinks() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +2239) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442; includes/parser/Parser.php +1444; includes/parser/Parser.php +1449)" source="SecurityCheck-DoubleEscaped"/>
210 <error line="1449" severity="warning" message="Calling method \Parser::replaceInternalLinks() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +2239) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1442; includes/parser/Parser.php +1444; includes/parser/Parser.php +1449)" source="SecurityCheck-DoubleEscaped"/>
211 <error line="1451" severity="warning" message="Calling method \Parser::replaceExternalLinks() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1994) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442; includes/parser/Parser.php +1444; includes/pa...)" source="SecurityCheck-DoubleEscaped"/>
212 <error line="1451" severity="warning" message="Calling method \Parser::replaceExternalLinks() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1994) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442; includes/parser/Parser.php +1444; includes/parser/Parser.php +1449; includes/pa...)" source="SecurityCheck-DoubleEscaped"/>
213 <error line="1451" severity="warning" message="Calling method \Parser::replaceExternalLinks() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1994) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442; includes/parser/Parser.php +1444; includes/parser/Parser.php +1449; includes/parser/Parser.php +1451)" source="SecurityCheck-DoubleEscaped"/>
214 <error line="1451" severity="warning" message="Calling method \Parser::replaceExternalLinks() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1994) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1428; includes/parser/Parser.php +1442; includes/parser/Parser.php +1444; includes/parser/Parser.php +1449; includes/parser/Parser.php +1451)" source="SecurityCheck-DoubleEscaped"/>
215 <error line="1451" severity="warning" message="Calling method \Parser::replaceExternalLinks() in \Parser::internalParse that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1994) (Caused by: includes/parser/Parser.php +1428; includes/parser/Parser.php +1442; includes/parser/Parser.php +1444; includes/parser/Parser.php +1449; includes/parser/Parser.php +1451)" source="SecurityCheck-DoubleEscaped"/>
216 <error line="1996" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Parser.php +1994)" source="SecurityCheck-DoubleEscaped"/>
217 <error line="2018" severity="warning" message="Calling method \LanguageConverter::markNoConversion() in \Parser::replaceExternalLinks that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1728) (Caused by: includes/parser/Parser.php +1994; includes/parser/Parser.php +1996; includes/parser/Parser.php +2018)" source="SecurityCheck-DoubleEscaped"/>
218 <error line="2027" severity="warning" message="Calling method \Linker::makeExternalLink() in \Parser::replaceExternalLinks that outputs using tainted argument $text. (Caused by: includes/Linker.php +844) (Caused by: includes/parser/Parser.php +1994; includes/parser/Parser.php +1996; includes/parser/Parser.php +2018; includes/parser/Parser.php +2027)" source="SecurityCheck-DoubleEscaped"/>
219 <error line="2027" severity="warning" message="Calling method \Linker::makeExternalLink() in \Parser::replaceExternalLinks that outputs using tainted argument $text. (Caused by: includes/Linker.php +844) (Caused by: includes/parser/Parser.php +1994; includes/parser/Parser.php +1996; includes/parser/Parser.php +2027)" source="SecurityCheck-DoubleEscaped"/>
220 <error line="2238" severity="warning" message="Calling method \Parser::replaceInternalLinks2() in \Parser::replaceInternalLinks that outputs using tainted argument $s. (Caused by: includes/parser/Parser.php +2482) (Caused by: includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/pa...)" source="SecurityCheck-DoubleEscaped"/>
221 <error line="2369" severity="warning" message="Calling method \Parser::maybeDoSubpageLink() in \Parser::replaceInternalLinks2 that outputs using tainted argument $text. (Caused by: includes/Linker.php +1384) (Caused by: includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/pa...)" source="SecurityCheck-DoubleEscaped"/>
222 <error line="2421" severity="warning" message="Calling method \Parser::replaceInternalLinks2() in \Parser::replaceInternalLinks2 that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +2482) (Caused by: includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/pa...)" source="SecurityCheck-DoubleEscaped"/>
223 <error line="2482" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Parser.php +2482)" source="SecurityCheck-DoubleEscaped"/>
224 <error line="2482" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Parser.php +2609; includes/parser/Parser.php +2609; includes/parser/Parser.php +2609; includes/parser/Parser.php +2609; includes/parser/Parser.php +2609; includes/parser/Parser.php +2609; includes/parser/Parser.php +2609; includes/pa...)" source="SecurityCheck-DoubleEscaped"/>
225 <error line="2482" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Parser.php +3338; includes/parser/Parser.php +3338; includes/parser/Parser.php +3338; includes/parser/Parser.php +3338; includes/parser/Parser.php +2369; includes/parser/Parser.php +3338; includes/parser/Parser.php +3338; includes/pa...)" source="SecurityCheck-DoubleEscaped"/>
226 <error line="2482" severity="warning" message="Calling method \Parser::replaceExternalLinks() in \Parser::replaceInternalLinks2 that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +1994) (Caused by: includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/pa...)" source="SecurityCheck-DoubleEscaped"/>
227 <error line="2483" severity="warning" message="Calling method \Parser::replaceInternalLinks2() in \Parser::replaceInternalLinks2 that outputs using tainted argument $text. (Caused by: includes/parser/Parser.php +2482) (Caused by: includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/parser/Parser.php +2483; includes/parser/Parser.php +2482; includes/pa...)" source="SecurityCheck-DoubleEscaped"/>
228 <error line="3492" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Parser.php +3489; includes/parser/Parser.php +3492)" source="SecurityCheck-DoubleEscaped"/>
229 <error line="3507" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Parser.php +3489; includes/parser/Parser.php +3492; includes/parser/Parser.php +3500)" source="SecurityCheck-XSS"/>
230 <error line="6187" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Parser.php +6187)" source="SecurityCheck-DoubleEscaped"/>
231 </file>
232 <file name="includes/parser/Preprocessor_DOM.php">
233 <error line="99" severity="warning" message="Calling method \UtfNormal\Validator::cleanUp() in \Preprocessor_DOM::newPartNodeArray that outputs using tainted argument $xml. (Caused by: includes/media/DjVuImage.php +302) (Caused by: includes/parser/Preprocessor_DOM.php +83; includes/parser/Preprocessor_DOM.php +86; includes/parser/Preprocessor_DOM.php +91; includes/parser/Preprocessor_DOM.php +99)" source="SecurityCheck-DoubleEscaped"/>
234 <error line="176" severity="warning" message="Calling method \UtfNormal\Validator::cleanUp() in \Preprocessor_DOM::preprocessToObj that outputs using tainted argument $xml. (Caused by: includes/media/DjVuImage.php +302) (Caused by: includes/parser/Preprocessor_DOM.php +155)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="includes/parser/Sanitizer.php">
<error line="1438" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/parser/Sanitizer.php +1438)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="includes/preferences/DefaultPreferencesFactory.php">
<error line="351" severity="warning" message="HTMLForm label key escapes its input (Caused by: Builtin-\Message::parse; includes/language/Message.php +945)" source="SecurityCheck-DoubleEscaped"/>
<error line="707" severity="warning" message="HTMLForm option label needs escaping (Maybe false positive as could not determine if it was key or value that is unescaped) (Caused by: includes/preferences/DefaultPreferencesFactory.php +704)" source="SecurityCheck-XSS"/>
</file>
<file name="includes/specials/SpecialExpandTemplates.php">
<error line="130" severity="warning" message="Calling method \SpecialExpandTemplates::makeOutput() in \SpecialExpandTemplates::execute that outputs using tainted argument $rawhtml. (Caused by: includes/specials/SpecialExpandTemplates.php +227) (Caused by: includes/specials/SpecialExpandTemplates.php +128)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="includes/specials/SpecialNewpages.php">
<error line="490" severity="warning" message="Calling method \FeedItem::__construct() in \SpecialNewpages::feedItem that outputs using tainted argument $[arg #2]. (Caused by: includes/changes/FeedItem.php +145) (Caused by: includes/specials/SpecialNewpages.php +519)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="includes/specials/SpecialRecentChanges.php">
<error line="476" severity="warning" message="Calling method \Xml::tags() in \SpecialRecentChanges::doHeader that outputs using tainted argument $[arg #2]. (Caused by: Builtin-\Xml::tags) (Caused by: includes/specials/SpecialRecentChanges.php +469)" source="SecurityCheck-DoubleEscaped"/>
<error line="819" severity="warning" message="Calling method \SpecialRecentChanges::makeOptionsLink() in \SpecialRecentChanges::optionsPanel that outputs using tainted argument $[arg #1]. (Caused by: includes/specials/SpecialRecentChanges.php +785)" source="SecurityCheck-DoubleEscaped"/>
<error line="916" severity="warning" message="Calling method \SpecialRecentChanges::makeOptionsLink() in \SpecialRecentChanges::optionsPanel that outputs using tainted argument $[arg #1]. (Caused by: includes/specials/SpecialRecentChanges.php +785) (Caused by: Builtin-\Message::parse; includes/language/Message.php +945)" source="SecurityCheck-DoubleEscaped"/>
<error line="919" severity="warning" message="Calling method \SpecialRecentChanges::makeOptionsLink() in \SpecialRecentChanges::optionsPanel that outputs using tainted argument $[arg #1]. (Caused by: includes/specials/SpecialRecentChanges.php +785) (Caused by: Builtin-\Message::parse; includes/language/Message.php +945)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="includes/specials/SpecialStatistics.php">
<error line="277" severity="warning" message="Calling method \Language::formatNum() in \SpecialStatistics::getOtherStats that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstallerOptions.php +333)" source="SecurityCheck-DoubleEscaped"/>
<error line="279" severity="warning" message="Calling method \Language::formatNum() in \SpecialStatistics::getOtherStats that outputs using tainted argument $[arg #1]. (Caused by: includes/installer/WebInstallerOptions.php +333)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="includes/specials/SpecialVersion.php">
<error line="100" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/specials/SpecialVersion.php +100)" source="SecurityCheck-DoubleEscaped"/>
<error line="124" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/specials/SpecialVersion.php +124)" source="SecurityCheck-DoubleEscaped"/>
<error line="578" severity="warning" message="Calling method \Linker::makeExternalLink() in \SpecialVersion::getParserTags that outputs using tainted argument $[arg #2]. (Caused by: includes/Linker.php +844) (Caused by: Builtin-\Message::parse; includes/language/Message.php +945)" source="SecurityCheck-DoubleEscaped"/>
<error line="584" severity="warning" message="Calling method \Linker::makeExternalLink() in \SpecialVersion::getParserTags that outputs using tainted argument $[arg #2]. (Caused by: includes/Linker.php +844) (Caused by: Builtin-\Message::parse; includes/language/Message.php +945)" source="SecurityCheck-DoubleEscaped"/>
<error line="593" severity="warning" message="Assigning a tainted value to a variable that later does something unsafe with it (Caused by: includes/specials/SpecialVersion.php +593)" source="SecurityCheck-DoubleEscaped"/>
<error line="619" severity="warning" message="Calling method \Linker::makeExternalLink() in \SpecialVersion::getParserFunctionHooks that outputs using tainted argument $[arg #2]. (Caused by: includes/Linker.php +844) (Caused by: Builtin-\Message::parse; includes/language/Message.php +945)" source="SecurityCheck-DoubleEscaped"/>
<error line="625" severity="warning" message="Calling method \Linker::makeExternalLink() in \SpecialVersion::getParserFunctionHooks that outputs using tainted argument $[arg #2]. (Caused by: includes/Linker.php +844) (Caused by: Builtin-\Message::parse; includes/language/Message.php +945)" source="SecurityCheck-DoubleEscaped"/>
<error line="776" severity="warning" message="Calling method \Linker::makeExternalLink() in \SpecialVersion::getCreditsForExtension that outputs using tainted argument $[arg #2]. (Caused by: includes/Linker.php +844)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="includes/specials/SpecialWhatLinksHere.php">
<error line="460" severity="warning" message="Calling method \SpecialWhatLinksHere::makeSelfLink() in \SpecialWhatLinksHere::getPrevNext that outputs using tainted argument $prev. (Caused by: includes/specials/SpecialWhatLinksHere.php +442) (Caused by: includes/specials/SpecialWhatLinksHere.php +452)" source="SecurityCheck-DoubleEscaped"/>
<error line="464" severity="warning" message="Calling method \SpecialWhatLinksHere::makeSelfLink() in \SpecialWhatLinksHere::getPrevNext that outputs using tainted argument $next. (Caused by: includes/specials/SpecialWhatLinksHere.php +442) (Caused by: includes/specials/SpecialWhatLinksHere.php +453)" source="SecurityCheck-DoubleEscaped"/>
<error line="472" severity="warning" message="Calling method \SpecialWhatLinksHere::makeSelfLink() in \SpecialWhatLinksHere::getPrevNext that outputs using tainted argument $prettyLimit. (Caused by: includes/specials/SpecialWhatLinksHere.php +442) (Caused by: includes/specials/SpecialWhatLinksHere.php +470)" source="SecurityCheck-DoubleEscaped"/>
<error line="566" severity="warning" message="Calling method \SpecialWhatLinksHere::makeSelfLink() in \SpecialWhatLinksHere::getFilterPanel that outputs using tainted argument $msg. (Caused by: includes/specials/SpecialWhatLinksHere.php +442) (Caused by: includes/specials/SpecialWhatLinksHere.php +564; includes/specials/SpecialWhatLinksHere.php +547; includes/specials/SpecialWhatLinksHere.php +548)" source="SecurityCheck-DoubleEscaped"/>
<error line="567" severity="warning" message="Calling method \SpecialWhatLinksHere::makeSelfLink() in \SpecialWhatLinksHere::getFilterPanel that outputs using tainted argument $msg. (Caused by: includes/specials/SpecialWhatLinksHere.php +442) (Caused by: includes/specials/SpecialWhatLinksHere.php +564; includes/specials/SpecialWhatLinksHere.php +547; includes/specials/SpecialWhatLinksHere.php +548)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="includes/specials/forms/UploadForm.php">
<error line="135" severity="warning" message="HTMLForm info field in raw mode needs to escape default key (Caused by: includes/specials/SpecialUpload.php +253)" source="SecurityCheck-XSS"/>
<error line="301" severity="warning" message="HTMLForm info field in raw mode needs to escape default key (Caused by: includes/specials/SpecialUpload.php +253)" source="SecurityCheck-XSS"/>
</file>
<file name="includes/specials/pagers/AllMessagesTablePager.php">
<error line="264" severity="warning" message="Calling method \MediaWiki\Linker\LinkRenderer::makeKnownLink() in \AllMessagesTablePager::formatValue that outputs using tainted argument $talkLink. (Caused by: Builtin-\MediaWiki\Linker\LinkRenderer::makeKnownLink) (Caused by: includes/specials/pagers/AllMessagesTablePager.php +253)" source="SecurityCheck-DoubleEscaped"/>
<error line="266" severity="warning" message="Calling method \MediaWiki\Linker\LinkRenderer::makeBrokenLink() in \AllMessagesTablePager::formatValue that outputs using tainted argument $talkLink. (Caused by: includes/linker/LinkRenderer.php +357) (Caused by: includes/specials/pagers/AllMessagesTablePager.php +253)" source="SecurityCheck-DoubleEscaped"/>
<error line="302" severity="warning" message="Calling method \Html::element() in \AllMessagesTablePager::formatRow that outputs using tainted argument $formatted. (Caused by: Builtin-\Html::element) (Caused by: includes/specials/pagers/AllMessagesTablePager.php +296)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="includes/specials/pagers/UsersPager.php">
<error line="177" severity="warning" message="Calling method \Linker::userLink() in \UsersPager::formatRow that outputs using tainted argument $userName. (Caused by: includes/Linker.php +918) (Caused by: includes/specials/pagers/UsersPager.php +175; includes/EditPage.php +3851; includes/EditPage.php +3878; includes/user/UserRightsProxy.php +130)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="includes/user/User.php">
<error line="4519" severity="warning" message="Calling method \User::sendMail() in \User::sendConfirmationMail that outputs using tainted argument $[arg #4]. (Caused by: includes/user/User.php +4544) (Caused by: includes/user/User.php +4497)" source="SecurityCheck-XSS"/>
<error line="4776" severity="error" message="Calling method \Wikimedia\Rdbms\Database::selectField() in \User::getEditTimestamp that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\Wikimedia\Rdbms\Database::selectField) (Caused by: includes/user/User.php +4772)" source="SecurityCheck-SQLInjection"/>
<error line="5047" severity="error" message="Calling method \Wikimedia\Rdbms\IDatabase::selectField() in \User::initEditCountInternal that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\Wikimedia\Rdbms\IDatabase::selectField) (Caused by: includes/user/User.php +5046)" source="SecurityCheck-SQLInjection"/>
</file>
<file name="languages/Language.php">
<error line="4240" severity="warning" message="Calling method \htmlspecialchars() in \Language::convertHtml that outputs using tainted argument $[arg #1]. (Caused by: languages/Language.php +4185; languages/Language.php +4185; languages/Language.php +4240)" source="SecurityCheck-DoubleEscaped"/>
</file>
<file name="maintenance/convertLinks.php">
<error line="221" severity="error" message="Calling method \Wikimedia\Rdbms\IMaintainableDatabase::query() in \ConvertLinks::execute that outputs using tainted argument $[arg #1]. (Caused by: Builtin-\Wikimedia\Rdbms\IMaintainableDatabase::query) (Caused by: maintenance/convertLinks.php +209; maintenance/convertLinks.php +205; maintenance/convertLinks.php +204; maintenance/convertLinks.php +158)" source="SecurityCheck-SQLInjection"/>
</file>
<file name="maintenance/populateContentTables.php">
<error line="219" severity="error" message="Calling method \Wikimedia\Rdbms\IDatabase::select() in \PopulateContentTables::populateTable that outputs using tainted argument $[arg #3]. (Caused by: Builtin-\Wikimedia\Rdbms\IDatabase::select) (Caused by: maintenance/populateContentTables.php +218; maintenance/populateContentTables.php +217; maintenance/populateContentTables.php +201)" source="SecurityCheck-SQLInjection"/>
</file>
<file name="maintenance/refreshExternallinksIndex.php">
<error line="73" severity="error" message="Calling method \Wikimedia\Rdbms\IMaintainableDatabase::select() in \RefreshExternallinksIndex::doDBUpdates that outputs using tainted argument $[arg #3]. (Caused by: Builtin-\Wikimedia\Rdbms\IMaintainableDatabase::select) (Caused by: maintenance/refreshExternallinksIndex.php +71; maintenance/populateContentTables.php +201; maintenance/refreshExternallinksIndex.php +59)" source="SecurityCheck-SQLInjection"/>
</file>
<file name="maintenance/storage/compressOld.php">
<error line="331" severity="error" message="Calling method \Wikimedia\Rdbms\IMaintainableDatabase::select() in \CompressOld::compressWithConcat that outputs using tainted argument $[arg #3]. (Caused by: Builtin-\Wikimedia\Rdbms\IMaintainableDatabase::select) (Caused by: includes/Title.php +3562; includes/Title.php +3562)" source="SecurityCheck-SQLInjection"/>
</file>
</checkstyle>

It has 187 warnings, of which 165 are DoubleEscaped. This is way less than T216348#5185224.

Some of those are actual issues. However, I'd like to wait for seccheck 3.0 before starting to fix them.