CodeQL library for Java/Kotlin
codeql/java-all 0.9.1 (changelog, source)
Index
Search

Module XsltInjectionQuery

Provides taint tracking configurations to be used in XSLT injection queries.

Import path

import semmle.code.java.security.XsltInjectionQuery

Imports

FlowSources

Provides classes representing various flow sources for taint tracking.

TaintTracking

Provides classes for performing local (intra-procedural) and global (inter-procedural) taint-tracking analyses.

XmlParsers

Provides classes and predicates for modeling XML parsers in Java.

XsltInjection

Provides classes to reason about XSLT injection vulnerabilities.

java

Provides all default Java QL imports.

Classes

XsltInjectionFlowConfig

DEPRECATED: Use XsltInjectionFlow instead.

Modules

XsltInjectionFlowConfig

A taint-tracking configuration for unvalidated user input that is used in XSLT transformation.

Aliases

XsltInjectionFlow

Tracks flow from unvalidated user input to XSLT transformation.