From 52809133f56a3ebf5a1bd1aae259fb024477492a Mon Sep 17 00:00:00 2001 From: Owen Mansel-Chan Date: Fri, 13 Mar 2026 11:10:43 +0000 Subject: [PATCH] Add change notes --- .../2026-03-13-adjust-xss-and-log-injection-severity.md | 4 ++++ .../2026-03-13-adjust-xss-and-log-injection-severity.md | 5 +++++ .../2026-03-13-adjust-xss-and-log-injection-severity.md | 5 +++++ .../2026-03-13-adjust-xss-and-log-injection-severity.md | 5 +++++ .../2026-03-13-adjust-xss-and-log-injection-severity.md | 5 +++++ .../2026-03-13-adjust-xss-and-log-injection-severity.md | 5 +++++ .../2026-03-13-adjust-xss-and-log-injection-severity.md | 4 ++++ .../2026-03-13-adjust-xss-and-log-injection-severity.md | 4 ++++ 8 files changed, 37 insertions(+) create mode 100644 cpp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md create mode 100644 csharp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md create mode 100644 go/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md create mode 100644 java/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md create mode 100644 python/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md create mode 100644 ruby/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md create mode 100644 rust/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md create mode 100644 swift/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md diff --git a/cpp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/cpp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 00000000000..0810e9c49ba --- /dev/null +++ b/cpp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,4 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `cpp/cgi-xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/csharp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/csharp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 00000000000..c317194bc25 --- /dev/null +++ b/csharp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,5 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `cs/log-forging` has been reduced from 7.8 (high) to 6.1 (medium). +* The `@security-severity` metadata of `cs/web/xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/go/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/go/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 00000000000..45320bcd719 --- /dev/null +++ b/go/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,5 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `go/log-injection` has been reduced from 7.8 (high) to 6.1 (medium). +* The `@security-severity` metadata of `go/html-template-escaping-bypass-xss`, `go/reflected-xss` and `go/stored-xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/java/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/java/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 00000000000..fa1288af16e --- /dev/null +++ b/java/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,5 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `java/log-injection` has been reduced from 7.8 (high) to 6.1 (medium). +* The `@security-severity` metadata of `java/android/webview-addjavascriptinterface`, `java/android/websettings-javascript-enabled` and `java/xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/python/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/python/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 00000000000..4278d0171e3 --- /dev/null +++ b/python/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,5 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `py/log-injection` has been reduced from 7.8 (high) to 6.1 (medium). +* The `@security-severity` metadata of `py/jinja2/autoescape-false` and `py/reflective-xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/ruby/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/ruby/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 00000000000..459c2ce7f91 --- /dev/null +++ b/ruby/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,5 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `rb/log-injection` has been reduced from 7.8 (high) to 6.1 (medium). +* The `@security-severity` metadata of `rb/reflected-xss`, `rb/stored-xss` and `rb/html-constructed-from-input` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/rust/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/rust/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 00000000000..7c24d4147a5 --- /dev/null +++ b/rust/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,4 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `rust/xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/swift/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/swift/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 00000000000..a46302ed146 --- /dev/null +++ b/swift/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,4 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `swift/unsafe-webview-fetch` has been increased from 6.1 (medium) to 7.8 (high).