CodeQL library for C#
codeql/csharp-all 0.8.9 (changelog, source)

Predicate xssFlow

Holds if there is tainted flow from source to sink that may lead to a cross-site scripting (XSS) vulnerability, with message providing a description of the source. This is the main predicate to use in XSS queries.

Import path

predicate xssFlow(XssNode source, XssNode sink, string message)