CodeQL library for JavaScript
Search

Module Xxe

Import path

import semmle.javascript.security.dataflow.XxeCustomizations

Classes

LocationAsSource

An access to document.location, considered as a flow source for XXE vulnerabilities.

RemoteFlowSourceAsSource

A source of remote user input, considered as a flow source for XXE vulnerabilities.

Sanitizer

A sanitizer for XXE vulnerabilities.

Sink

A data flow sink for XXE vulnerabilities.

Source

A data flow source for XXE vulnerabilities.

XmlParsingWithExternalEntityResolution

A call to an XML parser that performs external entity expansion, viewed as a data flow sink for XXE vulnerabilities.