From 4981855254b4b508458484e819558193f0894b19 Mon Sep 17 00:00:00 2001
From: Rootless-Ghost/RG-Nebula <139057350+Rootless-Ghost@users.noreply.github.com>
Date: Sun, 22 Mar 2026 04:48:57 -0400
Subject: [PATCH] Potential fix for code scanning alert no. 22: Information exposure through an exception
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
 app.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/app.py b/app.py
index f9fffd7..9f4b5e9 100644
--- a/app.py
+++ b/app.py
@@ -147,7 +147,9 @@ def api_template(template_key):
 "mitre_info": mitre_info,
 })
 except ValueError as e:
- return jsonify({"success": False, "error": str(e)}), 404
+ # Do not expose internal error details to the client
+ logging.warning("ValueError in api_template for key %s: %s", template_key, e)
+ return jsonify({"success": False, "error": "Template not found."}), 404
 except Exception as e:
 logging.exception("Unexpected error in api_template for key %s", template_key)
 return jsonify({"success": False, "error": "An internal error occurred while loading the template."}), 400
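Review bot: The added `logging.warning` call formats `template_key` and the exception text with `%s`, so if the key comes from the request path (it is the argument of `api_template`, whose route decorator is outside the hunk) an encoded CR/LF in it could forge extra log lines. Logging with `%r` keeps control characters escaped: `logging.warning("ValueError in api_template for key %r: %r", template_key, e)`. The unchanged `logging.exception` call in the next handler uses the same `%s` pattern for the key. The `try` body starts above the hunk, so whether every `ValueError` raised there really means a missing template, as the fixed "Template not found." message now assumes, cannot be confirmed from here.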