CodeQL library for Java
codeql/java-all 0.5.1

Module TemplateInjection

Definitions related to the server-side template injection (SST) query.

Import path

import semmle.code.java.security.TemplateInjection

Imports

java

Provides all default Java QL imports.

Classes

TemplateInjectionAdditionalTaintStep

A unit class for adding additional taint steps.

TemplateInjectionSanitizer

A sanitizer for server-side template injection (SST) vulnerabilities.

TemplateInjectionSanitizerWithState

A sanitizer for server-side template injection (SST) vulnerabilities. This sanitizer is only applicable when TemplateInjectionSanitizerWithState::hasState holds for the flow state.

TemplateInjectionSink

A sink for server-side template injection (SST) vulnerabilities.

TemplateInjectionSource

A source for server-side template injection (SST) vulnerabilities.