CodeQL library for Java
codeql/java-all 0.4.5 (changelog, source)
Search

Module OgnlInjectionQuery

Provides taint tracking configurations to be used in OGNL injection queries.

Import path

import semmle.code.java.security.OgnlInjectionQuery

Imports

FlowSources

Provides classes representing various flow sources for taint tracking.

OgnlInjection

Provides classes to reason about OGNL injection vulnerabilities.

java

Provides all default Java QL imports.

Classes

OgnlInjectionFlowConfig

A taint-tracking configuration for unvalidated user input that is used in OGNL EL evaluation.