Java: update xss sink kind to html-injection and js-injection

2026-03-01 05:13:41 +01:00 · 2023-05-09 12:18:11 -04:00
parent 041caa7405
commit ac8d985a63
8 changed files with 17 additions and 16 deletions
--- a/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
+++ b/java/ql/lib/semmle/code/java/dataflow/ExternalFlow.qll
@@ -275,11 +275,12 @@ module ModelValidation {
      not kind =
        [
          "open-url", "jndi-injection", "ldap-injection", "sql-injection", "jdbc-url",
-          "log-injection", "mvel-injection", "xpath-injection", "groovy-injection", "xss",
-          "ognl-injection", "intent-redirection", "pending-intents", "url-redirection",
-          "create-file", "read-file", "write-file", "hostname-verification", "response-splitting",
-          "information-leak", "xslt-injection", "jexl-injection", "bean-validation",
-          "template-injection", "fragment-injection", "command-injection"
+          "log-injection", "mvel-injection", "xpath-injection", "groovy-injection",
+          "html-injection", "js-injection", "ognl-injection", "intent-redirection",
+          "pending-intents", "url-redirection", "create-file", "read-file", "write-file",
+          "hostname-verification", "response-splitting", "information-leak", "xslt-injection",
+          "jexl-injection", "bean-validation", "template-injection", "fragment-injection",
+          "command-injection"
        ] and
      not kind.matches("regex-use%") and
      not kind.matches("qltest%") and