Module XMLEntityInjection

Import path

import semmle.code.csharp.security.dataflow.XMLEntityInjection

Imports

InsecureXML

Provides classes and predicates for detecting insecure processing of XML documents.

RegularExpressions
Remote

Provides classes representing data flow sources for remote user input.

Sanitizers

Provides classes for identifying expressions that might be sanitized.

System

Provides definitions related to the namespace System.

Classes

InsecureXMLSink
RemoteSource
Sanitizer

A sanitizer for untrusted user input used in XML processing.

Sink

A data flow sink for untrusted user input used in XML processing.

Source

A data flow source for untrusted user input used in XML processing.

TaintTrackingConfiguration

A taint-tracking configuration for untrusted user input used in XML processing.