Python: Minor fixup of qhelp for XPath injection

2026-05-02 12:15:17 +02:00 · 2020-06-10 16:59:40 +02:00
parent 424e88d318
commit ce1f0a39ac
1 changed files with 2 additions and 2 deletions
--- a/python/ql/src/experimental/CWE-643/xpath.qhelp
+++ b/python/ql/src/experimental/CWE-643/xpath.qhelp
@@ -21,10 +21,10 @@
    <example>
        <p>In the example below, the xpath query is controlled by the user and hence leads to a vulnerability.</p>
        <sample src="xpathBad.py" />
-    </example>
        <p> This can be fixed by using a parameterized query as shown below.</p>
        <sample src="xpathGood.py" />
+    </example>
    <references>
        <li>OWASP XPath injection : <a href="https://owasp.org/www-community/attacks/XPATH_Injection"></a>/>> </li>
    </references>
-</qhelp>
+</qhelp>