hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 11:45:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Correct typo

Browse Source
This commit is contained in:
ubuntu
2020-08-27 00:26:54 +02:00
parent 2305a642eb
commit 7d36b3b4d2
1 changed files with 0 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
javascript/ql/src/experimental/Security/CWE-090/LdadInjection.ql
View File

@@ -1,20 +0,0 @@
/**
* @name LDAP query built from user-controlled sources
* @description Building an LDAP query from user-controlled sources is vulnerable to insertion of
* malicious LDAP code by the user.
* @kind path-problem
* @problem.severity error
* @precision high
* @id javascript/ldap-injection
* @tags security
* external/cwe/cwe-090
*/
import javascript
import DataFlow::PathGraph
import LdapInjection::LdapInjection
from LdapInjectionConfiguration config, DataFlow::PathNode source, DataFlow::PathNode sink
where config.hasFlowPath(source, sink)
select sink.getNode(), source, sink, "LDAP query might include code from $@.", source.getNode(),
"user-provided value"