JavaScript: Teach Xss query about WinJS HTML injection functions.

2026-04-29 10:45:15 +02:00 · 2018-12-06 09:13:21 +00:00
parent b638961a4f
commit ef347b3870
6 changed files with 38 additions and 2 deletions
--- a/javascript/ql/src/Security/CWE-079/Xss.ql
+++ b/javascript/ql/src/Security/CWE-079/Xss.ql
@@ -1,5 +1,5 @@
 /**
- * @name Client side cross-site scripting
+ * @name Client-side cross-site scripting
 * @description Writing user input directly to the DOM allows for
 *              a cross-site scripting vulnerability.
 * @kind path-problem