Several API endpoints lack proper input validation, which could lead to security vulnerabilities or unexpected behavior:
For example:
- Solution save endpoint (`problems.py`): Doesn't validate solution content length or format
- Note endpoints: Don't sanitize HTML/XSS content in user notes
- Pagination parameters: `page` and `limit` aren't validated for reasonable bounds (could accept arbitrarily large values)
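One way to close the three gaps listed above, as an added, framework-agnostic example that is not the project's own code. The limit constants, the function names, and the assumption that notes are plain text (so escaping at render time is sufficient) are all hypothetical.

```python
import html

# Assumed limits; the issue does not give concrete values.
MAX_PAGE = 10_000
MAX_LIMIT = 100
MAX_SOLUTION_BYTES = 64 * 1024
MAX_NOTE_CHARS = 10_000


class ValidationError(ValueError):
    """Input rejected; an endpoint would map this to an HTTP 4xx response."""


def parse_pagination(raw_page, raw_limit, default_limit=20):
    """Return (page, limit, offset); reject non-integers and out-of-range values."""
    try:
        page = 1 if raw_page in (None, "") else int(raw_page)
        limit = default_limit if raw_limit in (None, "") else int(raw_limit)
    except (TypeError, ValueError):
        raise ValidationError("page and limit must be integers") from None
    if not 1 <= page <= MAX_PAGE:
        raise ValidationError(f"page must be between 1 and {MAX_PAGE}")
    if not 1 <= limit <= MAX_LIMIT:
        raise ValidationError(f"limit must be between 1 and {MAX_LIMIT}")
    return page, limit, (page - 1) * limit


def validate_solution(content):
    """Accept non-empty text within the size cap and without control characters."""
    if not isinstance(content, str) or not content.strip():
        raise ValidationError("solution must be non-empty text")
    try:
        size = len(content.encode("utf-8"))
    except UnicodeEncodeError:
        raise ValidationError("solution is not valid Unicode text") from None
    if size > MAX_SOLUTION_BYTES:
        raise ValidationError("solution exceeds size limit")
    if any(ord(c) < 32 and c not in "\t\n\r" for c in content):
        raise ValidationError("solution contains control characters")
    return content


def escape_note(note):
    """Length-check a plain-text note and HTML-escape it for rendering."""
    if not isinstance(note, str) or len(note) > MAX_NOTE_CHARS:
        raise ValidationError("note must be text within the length limit")
    return html.escape(note, quote=True)
```

If notes are meant to carry rich HTML rather than plain text, escaping is not enough and an allowlist-based sanitizer is needed instead.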