Class DjangoRawSqlSink

A sink of taint on calls to django.db.models.expressions.RawSQL. This allows arbitrary SQL statements to be executed, which is a security risk.

Import path


                                import semmle.python.web.django.Db

sinks	Holds if `this` “sinks” taint kind `kind` Typically this means that `this` is vulnerable to taint kind `kind`.
toString	Gets a textual representation of this element.

getLocation		from TaintSink
hasLocationInfo	Holds if this element is at the specified location. The location spans column `startcolumn` of line `startline` to column `endcolumn` of line `endline` in file `filepath`. For more information, see Locations.	from TaintSink