Module MvelInjectionQuery
Provides taint tracking configurations to be used in MVEL injection related queries.
Import path
import semmle.code.java.security.MvelInjectionQueryImports
| FlowSources | Provides classes representing various flow sources for taint tracking. |
| MvelInjection | Provides classes to reason about MVEL injection attacks. |
| TaintTracking | Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses. |
| java | Provides all default Java QL imports. |
Classes
| MvelInjectionFlowConfig | DEPRECATED: Use |
Modules
| MvelInjectionFlowConfig | A taint-tracking configuration for unsafe user input that is used to construct and evaluate a MVEL expression. |
Aliases
| MvelInjectionFlow | Tracks flow of unsafe user input that is used to construct and evaluate a MVEL expression. |