hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-03 04:39:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

move md links to <a>

Browse Source
This commit is contained in:
Alvaro Muñoz
2020-10-22 15:12:01 +02:00
committed by Alvaro Muñoz
parent 65d01f5c9e
commit d990f7a470
1 changed files with 5 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
java/ql/src/experimental/Security/CWE/CWE-094/InsecureBeanValidation.qhelp
View File

@@ -4,9 +4,11 @@
<qhelp>
<overview>
<p>Bean validation custom constraint error messages support different types of interpolation, including [Java EL expressions](https://docs.jboss.org/hibernate/validator/5.1/reference/en-US/html/chapter-message-interpolation.html#section-interpolation-with-message-expressions).
Controlling part of the error message template being passed to `ConstraintValidatorContext.buildConstraintViolationWithTemplate()` argument will lead to arbitrary Java code execution.
Unfortunately, it is common that validated (and therefore, normally untrusted) bean properties flow into the custom error message.</p>
<p>Bean validation custom constraint error messages support different types of interpolation,
including <a href="https://docs.jboss.org/hibernate/validator/5.1/reference/en-US/html/chapter-message-interpolation.html#section-interpolation-with-message-expressions">Java EL expressions</a>.
Controlling part of the message template being passed to `ConstraintValidatorContext.buildConstraintViolationWithTemplate()`
argument will lead to arbitrary Java code execution. Unfortunately, it is common that validated (and therefore, normally
untrusted) bean properties flow into the custom error message.</p>
</overview>
<recommendation>