hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-24 04:36:35 +01:00
Code Issues Packages Projects Releases Wiki Activity

Apply docs review suggestions

Browse Source 
Co-authored-by: Sarita Iyer <66540150+saritai@users.noreply.github.com>
This commit is contained in:
Edward Minnix III
2023-03-24 11:36:52 -04:00
committed by Ed Minnix
parent 0eaf222b54
commit 43d79dc5b8
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
java/ql/src/Security/CWE/CWE-522/InsecureLdapAuth.qhelp
View File

@@ -33,7 +33,7 @@
<p>
In the following (good) example, a <code>ldap://</code> URL is used, but
SASL authentication is enabled.
SASL authentication is enabled so that the credentials will be encrypted.
</p>
<sample src="LdapEnableSasl.java"/>
</example>

2
java/ql/src/change-notes/2023-03-08-insecure-ldap-authentication.md
View File

@@ -1,4 +1,4 @@
---
category: newQuery
---
* The query `java/insecure-ldap-auth` has been promoted from experimental to the main query pack. This query was originally [submitted as an experimental query by @luchua-bc](https://github.com/github/codeql/pull/4854)
* The query `java/insecure-ldap-auth` has been promoted from experimental to the main query pack. This query detects transmission of cleartext credentials in LDAP authentication. Insecure LDAP authentication causes sensitive information to be vulnerable to remote attackers. This query was originally [submitted as an experimental query by @luchua-bc](https://github.com/github/codeql/pull/4854)