# Log Injection / Log Forging

- ID: python-log-injection
- Severity: MEDIUM
- CWE: Log Injection (CWE-117)
- Languages: Python
- Frameworks: flask, django, fastapi

## Description

Detects user input flowing directly into log messages without sanitization.

## Detection Message

User input from {source} flows to log message at {sink} without sanitization. Attackers can inject newlines to forge log entries or hide malicious activity.

## Remediation

Use structured logging with separate fields for user data, so that the user-controlled value is carried as a field rather than interpolated into the message text:

```python
import logging

logging.info("Login attempt", extra={'username': username})
```

Learn more: https://shoulder.dev/learn/python/cwe-117/log-injection

## Related Rules

- **Log Injection / Log Forging** [MEDIUM]
- **Log Injection** [LOW]
- **Log Injection** [MEDIUM]
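The following is an added example, not part of the rule or the shoulder.dev project, contrasting the flagged pattern with the structured-logging remediation. It uses a constructed username containing a CRLF, a hypothetical `JsonFormatter`, and in-memory handlers so the emitted log text can be inspected directly: the naive call produces two records from one event, while the structured call keeps the injected newline escaped inside a single JSON field.

```python
import io
import json
import logging

# Constructed sample input: a username carrying CRLF so that the tail looks
# like a second, legitimate-looking log record for a different user.
FORGED_USERNAME = "alice\r\nINFO Login attempt succeeded user=admin"


class JsonFormatter(logging.Formatter):
    # Hypothetical structured formatter: one JSON object per record.
    # json.dumps escapes control characters, so a newline inside a field
    # value can never start a new line in the log file.
    def format(self, record):
        payload = {"level": record.levelname, "msg": record.getMessage()}
        for key in ("username", "outcome"):
            if hasattr(record, key):
                payload[key] = getattr(record, key)
        return json.dumps(payload)


def _capture(formatter):
    # Fresh logger (hypothetical name) writing to a StringIO buffer so the
    # example runs offline and the output can be asserted on.
    buf = io.StringIO()
    logger = logging.getLogger("cwe117demo.%d" % id(buf))
    logger.setLevel(logging.INFO)
    logger.propagate = False
    handler = logging.StreamHandler(buf)
    handler.setFormatter(formatter)
    logger.addHandler(handler)
    return logger, buf


def log_naive(username):
    # The pattern this rule flags: user input interpolated into the message.
    logger, buf = _capture(logging.Formatter("%(levelname)s %(message)s"))
    logger.info(f"Login attempt failed user={username}")  # sink
    return buf.getvalue()


def log_structured(username):
    # The remediation: user input travels in a separate field.
    logger, buf = _capture(JsonFormatter())
    logger.info("Login attempt failed",
                extra={"username": username, "outcome": "fail"})
    return buf.getvalue()


def record_count(text):
    # Number of log lines a human or a SIEM parser would see.
    return len(text.splitlines())
```

Running `record_count` over both outputs shows the forged entry only materialises in the naive form; in the structured form the CRLF survives as the escaped `\r\n` inside the `username` field.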