Pyramid
Pyramid rules for Python
2 Security Rules
Run All Pyramid Rules
pathfinder scan --ruleset python/pyramid --project .
Rules
Pyramid CSRF Check Disabled Globally
HIGH
Detects calls to set_default_csrf_options() which can globally disable CSRF protection in Pyramid applications.
python, pyramid, csrf, security-misconfiguration, CWE-352, OWASP-A05
CWE-352
Updated 2026-03-22
Pyramid Direct Response XSS
HIGH
Traces user input from Pyramid request objects to Response() constructors, a data flow that enables reflected cross-site scripting.
python, pyramid, xss, response, taint-analysis, CWE-79, OWASP-A03
CWE-79
Updated 2026-03-22