For other CodeQL resources, including tutorials and examples, see the CodeQL documentation

MissingXMLValidationQuery

Module MissingXMLValidationQuery

Provides a taint-tracking configuration for reasoning about untrusted user input processed as XML without validation against a known schema.


                                import semmle.code.csharp.security.dataflow.MissingXMLValidationQuery

The default C# QL library.

RemoteSource	A source of remote user input.
Sanitizer	A sanitizer for untrusted user input processed as XML without validation against a known schema.
Sink	A data flow sink for untrusted user input processed as XML without validation against a known schema.
Source	A data flow source for untrusted user input processed as XML without validation against a known schema.
TaintTrackingConfiguration	DEPRECATED: Use `MissingXxmlValidation` instead.
XmlReaderCreateCallSink	The input argument to a call to `XmlReader.Create` where the input will not be validated against a schema.

A taint-tracking module for untrusted user input processed as XML without validation against a known schema.