Predicate problems
Holds if replace has a pattern argument containing a regular expression dangerous which matches a dangerous string beginning with prefix. msg is the alert we report.
Import path
import semmle.javascript.security.IncompleteMultiCharacterSanitizationQuery
predicate problems(StringSubstitutionCall replace, string msg, EmptyReplaceRegExpTerm dangerous, string prefix)
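The kind of call this predicate describes, shown beside a hardened form, as an added example that is not part of the CodeQL library or its documentation. The function names, the comment-delimiter regular expression and the sample strings are constructed for illustration.

```javascript
// A replace call whose pattern matches a multi-character dangerous string
// ("<!--" or "-->") and whose replacement is the empty string. One pass over
// the input can splice the characters around a removed match into a new
// occurrence of the same dangerous string.
function stripCommentsOnce(input) {
  return input.replace(/<!--|--!?>/g, "");
}

// Hardened form: repeat the replacement until the string stops changing,
// so anything reassembled by an earlier pass is removed by a later one.
function stripCommentsFixpoint(input) {
  let previous;
  do {
    previous = input;
    input = input.replace(/<!--|--!?>/g, "");
  } while (input !== previous);
  return input;
}

// Post-condition check: does any comment delimiter survive sanitization?
function containsCommentDelimiter(s) {
  return /<!--|--!?>/.test(s);
}

// Constructed inputs: a plain comment, and delimiters nested so that
// removing the inner ones leaves the outer fragments adjacent.
const plain = "<!-- note -->text";
const nested = "<!<!---- note ---->>";

function report(label, sanitize) {
  return [plain, nested].map((sample) => {
    const out = sanitize(sample);
    return { label, sample, out, unsafe: containsCommentDelimiter(out) };
  });
}

console.log(report("single pass", stripCommentsOnce));
console.log(report("fixpoint", stripCommentsFixpoint));
```

The single-pass version handles the plain comment but returns a complete comment for the nested input, while the fixpoint version leaves no delimiter in either case.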