CodeQL library for JavaScript
Search

Module IndirectCommandInjectionQuery

Provides a taint-tracking configuration for reasoning about command-injection vulnerabilities (CWE-078).

Import path

import semmle.javascript.security.dataflow.IndirectCommandInjectionQuery

Imports

IndirectCommandInjection
javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

A taint-tracking configuration for reasoning about command-injection vulnerabilities.