Class JexlEvaluationSink
A sink for Expresssion Language injection vulnerabilities via Jexl, that is, method calls that run evaluation of a JEXL expression.
Import path
import semmle.code.java.security.JexlInjectionQuery
Direct supertypes
Known direct subtypes
Inherited predicates
asExpr | Gets the expression corresponding to this node, if any. | from Node |
asParameter | Gets the parameter corresponding to this node, if any. | from Node |
getEnclosingCallable | Gets the callable in which this node occurs. | from Node |
getExpr | Gets the expression corresponding to this node. | from ExprNode |
getLocation | Gets the source location for this element. | from ExprNode |
getType | Gets the type of this node. | from Node |
getTypeBound | Gets an upper bound on the type of this node. | from Node |
hasLocationInfo | Holds if this element is at the specified location. The location spans column | from Node |
toString | Gets a textual representation of this element. | from ExprNode |