Query module CodeInjection

name
Improper control of generation of code
description
Treating externally controlled strings as code can allow an attacker to execute malicious code.
kind
path-problem
problem.severity
error
precision
high
id
cs/code-injection
tags
security external/cwe/cwe-094 external/cwe/cwe-095 external/cwe/cwe-096

Imports

CodeInjection
PathGraph

Provides the query predicates needed to include a graph in a path-problem query.

csharp

The default C# QL library.