CodeQL library for JavaScript/TypeScript
codeql/javascript-all 1.0.3-dev (changelog, source)
Search

Predicate TemplateObjectInjection::usesVulnerableTemplateEngine

Holds if the “view engine” of router is set to a vulnerable templating engine.

Import path

import semmle.javascript.security.dataflow.TemplateObjectInjectionCustomizations
predicate usesVulnerableTemplateEngine(RouterDefinition router)