Module MissingXMLValidationQuery
Provides a taint-tracking configuration for reasoning about untrusted user input processed as XML without validation against a known schema.
Import path
import semmle.code.csharp.security.dataflow.MissingXMLValidationQuery
Imports
csharp | The default C# QL library. |
Classes
RemoteSource | DEPRECATED: Use |
Sanitizer | A sanitizer for untrusted user input processed as XML without validation against a known schema. |
Sink | A data flow sink for untrusted user input processed as XML without validation against a known schema. |
Source | A data flow source for untrusted user input processed as XML without validation against a known schema. |
ThreatModelSource | A source supported by the current threat model. |
XmlReaderCreateCallSink | The input argument to a call to |
Aliases
MissingXmlValidation | A taint-tracking module for untrusted user input processed as XML without validation against a known schema. |