update @name, @tags, and alert message

This commit is contained in:
tombolton
2022-04-26 11:32:34 +01:00
parent 1452241ac9
commit 9fa5f67861
2 changed files with 8 additions and 8 deletions


@@ -1,14 +1,14 @@
/**
* For internal use only.
*
* @name Stored cross-site scripting (boosted)
* @name Stored cross-site scripting (experimental)
* @description Using uncontrolled stored values in HTML allows for a stored cross-site scripting vulnerability.
* @kind path-problem
* @scored
* @problem.severity error
* @security-severity 6.1
* @id adaptive-threat-modeling/js/stored-xss
* @tags experimental experimental/atm security external/cwe/cwe-079 external/cwe/cwe-116
* @tags experimental security external/cwe/cwe-079 external/cwe/cwe-116
*/
import experimental.adaptivethreatmodeling.StoredXssATM
@@ -24,6 +24,6 @@ where
score = getScoreForFlow(source.getNode(), sink.getNode()) and
scoreString = getScoreStringForFlow(source.getNode(), sink.getNode())
select sink.getNode(), source, sink,
"[Score = " + scoreString + "] This may be a js/stored-xss result depending on $@ " +
"(Experimental) This may be a js/stored-xss result due to $@ " +
getAdditionalAlertInfo(source.getNode(), sink.getNode()), source.getNode(),
"a user-provided value", score
" Identified using machine learning"
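Review bot: The two queries touched by this commit end the alert message differently: here the trailing fragment is `" Identified using machine learning"` with no period, while the same fragment in XssThroughDomATM.ql (second file section) is `" Identified using machine learning."`; since each follows the sentence produced by `getAdditionalAlertInfo(...)`, both should use the same form, e.g. `" Identified using machine learning."`. As rendered, that string also sits on its own line after the `"a user-provided value", score` columns with no visible `+` joining it to the message expression — assuming the `(Experimental)` message is the new side, if the page did not merely drop an operator it would be an extra `select` column rather than part of the alert text, so it is worth confirming the column count and the single `$@` placeholder still line up with `source.getNode()` and `"a user-provided value"`. The enclosing `select` starts inside the hunk, but the `from`/`where` clause it belongs to begins above it.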


@@ -1,14 +1,14 @@
/**
* For internal use only.
*
* @name DOM text reinterpreted as HTML (boosted)
* @name DOM text reinterpreted as HTML (experimental)
* @description Reinterpreting text from the DOM as HTML can lead to a cross-site scripting vulnerability.
* @kind path-problem
* @scored
* @problem.severity warning
* @security-severity 6.1
* @id adaptive-threat-modeling/js/xss-through-dom
* @tags experimental experimental/atm security external/cwe/cwe-079 external/cwe/cwe-116
* @tags experimental security external/cwe/cwe-079 external/cwe/cwe-116
*/
import experimental.adaptivethreatmodeling.XssThroughDomATM
@@ -24,6 +24,6 @@ where
score = getScoreForFlow(source.getNode(), sink.getNode()) and
scoreString = getScoreStringForFlow(source.getNode(), sink.getNode())
select sink.getNode(), source, sink,
"[Score = " + scoreString + "] This may be a js/xss-through-dom result depending on $@ " +
"(Experimental) This may be a js/xss-through-dom result due to $@ " +
getAdditionalAlertInfo(source.getNode(), sink.getNode()), source.getNode(),
"a user-provided value", score
" Identified using machine learning."