Module OgnlInjection
Provides classes to reason about OGNL injection vulnerabilities.
Import path
import semmle.code.java.security.OgnlInjection
Imports
java | Provides all default Java QL imports. |
Classes
OgnlInjectionAdditionalTaintStep | A unit class for adding additional taint steps. |
OgnlInjectionSink | A data flow sink for unvalidated user input that is used in OGNL EL evaluation. |