I’m using the SonarCloud services and scan my open source project with it. For scanning I use SonarScanner for MSBuild version 184.108.40.20685-net46.
I get the following security hotspot issue:
In the code, ASP.NET Core’s
UseDeveloperExceptionPage() is called, which is an issue, unless it is wrapped by an
if (env.IsDevelopment()), which I did. The description of S4507 also says this. So I think this is a false-positive.