Query module CodeInjection

name
Code injection
description
Interpreting unsanitized user input as code allows a malicious user arbitrary code execution.
kind
path-problem
problem.severity
error
precision
high
id
js/code-injection
tags
security external/cwe/cwe-094 external/cwe/cwe-079 external/cwe/cwe-116

Imports

CodeInjection
PathGraph

Provides the query predicates needed to include a graph in a path-problem query.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.