codeql/2021-03-09-template-object-injection.md at sauyon/java-spring-stringutils

mirror of https://github.com/github/codeql.git synced 2025-12-17 09:13:20 +01:00

Files

Erik Krogh Kristensen b039267b76 Apply suggestions from code review

Co-authored-by: Asger F <asgerf@github.com>

2021-03-15 12:39:56 +01:00

lgtm,codescanning

The js/template-object-injection query has been added. It highlights places where an attacker can pass special parameters to a template engine.