Predicate isTaintedGuardForSensitiveAction
Holds if sink
guards action
, and source
taints sink
.
If flow from source
taints sink
, then an attacker can
control if action
should be executed or not.
Import path
import semmle.javascript.security.dataflow.ConditionalBypassQuery
predicate isTaintedGuardForSensitiveAction(PathNode sink, PathNode source, SensitiveAction action)