CodeQL library for Java
codeql/java-all 0.4.4 (changelog, source)
Search

Class TemplateInjectionAdditionalTaintStep

A unit class for adding additional taint steps.

Extend this class to add additional taint steps that should apply to flows related to server-side template injection (SST) vulnerabilities.

Import path

import semmle.code.java.security.TemplateInjection

Direct supertypes

Indirect supertypes

Predicates

isAdditionalTaintStep

Holds if the step from node1 to node2 should be considered a taint step for flows related to server-side template injection (SST) vulnerabilities.

isAdditionalTaintStep

Holds if the step from node1 to node2 should be considered a taint step for flows related toserver-side template injection (SST) vulnerabilities. This step is only applicable in state1 and updates the flow state to state2.

Inherited predicates

toString

Gets a textual representation of this element.

from Unit