CodeQL library for JavaScript/TypeScript
codeql/javascript-all 2.0.1-dev (changelog, source)
Search

Member predicate UnsafeHtmlConstruction::XssSink::getVulnerabilityKind

Gets the kind of vulnerability to report in the alert message.

Defaults to Cross-site scripting, but may be overridden for sinks that do not allow script injection, but injection of other undesirable HTML elements.

string getVulnerabilityKind()