hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-22 15:36:48 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
8d87f556e1cee4d29be9a29ddb1fb5bbc520653f
codeql/javascript/ql/src/Security/CWE-640/HostHeaderPoisoningInEmailGeneration.ql
Max Schaefer 8d87f556e1 JavaScript: Add import DataFlow::PathGraph.
2018-11-14 09:16:40 +00:00

20 lines
749 B
Plaintext
Raw Blame History

/**
* @name Host header poisoning in email generation
* @description Using the HTTP Host header to construct a link in an email can facilitate phishing
* attacks and leak password reset tokens.
* @kind path-problem
* @problem.severity error
* @precision high
* @id js/host-header-forgery-in-email-generation
* @tags security
* external/cwe/cwe-640
*/
import javascript
import semmle.javascript.security.dataflow.HostHeaderPoisoningInEmailGeneration::HostHeaderPoisoningInEmailGeneration
import DataFlow::PathGraph
from Configuration cfg, DataFlow::Node source, DataFlow::Node sink
where cfg.hasFlow(source, sink)
select sink, "Links in this email can be hijacked by poisoning the HTTP host header $@.", source, "here"
Reference in New Issue View Git Blame Copy Permalink