Module SpelInjectionQuery
Provides taint tracking and dataflow configurations to be used in SpEL injection queries.
Import path
import semmle.code.java.security.SpelInjectionQueryImports
| java | Provides all default Java QL imports. |
Classes
| SpelInjectionConfig | DEPRECATED: Use |
Modules
| SpelInjectionConfig | A taint-tracking configuration for unsafe user input that is used to construct and evaluate a SpEL expression. |
Aliases
| SpelInjectionFlow | Tracks flow of unsafe user input that is used to construct and evaluate a SpEL expression. |