Merge pull request #21472 from owen-mc/adjust-severity/xss-log-injection

Adjust `@security-severity` metadata for XSS and log injection queries
2026-04-28 18:25:24 +02:00 · 2026-03-18 16:51:14 +00:00
parent d4a0846c6c 3aaee9d981
commit 5b17d8cf76
29 changed files with 59 additions and 21 deletions
--- a/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql
+++ b/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql
@@ -4,7 +4,7 @@
 *              allows for a cross-site scripting vulnerability.
 * @kind path-problem
 * @problem.severity error
- * @security-severity 6.1
+ * @security-severity 7.8
 * @precision high
 * @id cpp/cgi-xss
 * @tags security
--- a/cpp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md
+++ b/cpp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md
@@ -0,0 +1,4 @@
+---
+category: queryMetadata
+---
+* The `@security-severity` metadata of `cpp/cgi-xss` has been increased from 6.1 (medium) to 7.8 (high).