CodeQL library for JavaScript
Search

Module StoredXssQuery

Provides a taint-tracking configuration for reasoning about stored cross-site scripting vulnerabilities.

Import path

import semmle.javascript.security.dataflow.StoredXssQuery

Imports

StoredXss

Provides classes and predicates for the stored XSS query.

javascript

Provides classes for working with JavaScript programs, as well as JSON, YAML and HTML.

Classes

Configuration

A taint-tracking configuration for reasoning about XSS.

FileNameSourceAsSource

A file name, considered as a flow source for stored XSS.

UserControlledTorrentInfoAsSource

User-controlled torrent information, considered as a flow source for stored XSS.