Module ExceptionXss
Provides sources, sinks, and sanitizers for reasoning about cross-site scripting vulnerabilities where the taint-flow passes through a thrown exception.
Import path
import semmle.javascript.security.dataflow.ExceptionXssCustomizationsClasses
| FlowState | A flow state to associate with a tracked value. |
| NotYetThrown | DEPRECATED. Use |
| Source | A data flow source for XSS caused by interpreting exception or error text as HTML. |
Modules
| FlowState | Predicates for working with flow states. |