Module OgnlInjectionQuery
Provides taint tracking configurations to be used in OGNL injection queries.
Import path
import semmle.code.java.security.OgnlInjectionQueryImports
| FlowSources | Provides classes representing various flow sources for taint tracking. |
| OgnlInjection | Provides classes to reason about OGNL injection vulnerabilities. |
| java | Provides all default Java QL imports. |
Modules
| OgnlInjectionFlowConfig | A taint-tracking configuration for unvalidated user input that is used in OGNL EL evaluation. |
Aliases
| OgnlInjectionFlow | Tracks flow of unvalidated user input that is used in OGNL EL evaluation. |