hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-02-10 20:21:10 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
eddc2f30383f266121237d0565ec14ea5fb85cfe
codeql/javascript/ql/experimental/adaptivethreatmodeling/test/endpoint_large_scale/ExtractEndpointDataInference.expected
tiferet a317f2bfe2 Test for endpoints scored at inference time 
Adds a test to detect changes in the endpoints that get scored at inference time.
2022-12-02 06:59:31 -08:00

279 lines
28 KiB
Plaintext
Raw Blame History

| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:30:14:30 | v |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:33:22:33 | v |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:33:23:33 | v |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:22:77:24 | tag |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:20:85:22 | tag |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:23:130:24 | id |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:30:131:31 | id |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:22:11:22 | v |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:32 | req.body.id |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:22:13:37 | `${req.body.id}` |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:25 | req.params.id |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:27 | req.params.name |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:27 | req.params.name |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:23:63:27 | query |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:28:52:30 | key |
| DomBasedXssAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category |
| DomBasedXssAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:312:19:312:22 | path |
| DomBasedXssAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath |
| DomBasedXssAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:328:19:328:32 | normalizedPath |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/classnames.js:7:47:7:69 | classNa ... w.name) |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/classnames.js:8:47:8:70 | classNa ... w.name) |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/classnames.js:9:47:9:70 | classNa ... w.name) |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/classnames.js:11:47:11:64 | unsafeStyle('foo') |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/classnames.js:13:47:13:68 | safeSty ... w.name) |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/classnames.js:15:47:15:63 | clsx(window.name) |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/dates.js:17:49:17:53 | taint |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/event-handler-receiver.js:2:49:2:61 | location.href |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/jquery.js:7:20:7:26 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/jquery.js:10:13:10:31 | location.toString() |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:47 | req.query.receiver |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/nodemailer.js:12:11:12:69 | `Hi, yo ... sage}.` |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/sanitiser.js:23:29:23:35 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/sanitiser.js:30:29:30:35 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/sanitiser.js:33:29:33:35 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/sanitiser.js:38:29:38:35 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/sanitiser.js:45:29:45:35 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/stored-xss.js:12:35:12:38 | href |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:32 | data.w |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:41 | data.w |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:29 | data[p] |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:8:37:8:114 | documen ... t=")+8) |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:12:28:12:33 | target |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:15:37:15:42 | target |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:43:20:43:20 | s |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:83:29:83:52 | documen ... .search |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:86:31:86:54 | documen ... .search |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:87:28:87:51 | documen ... .search |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:357:20:357:25 | target |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:361:14:361:19 | target |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:4:14:4:20 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:5:12:5:18 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:7:14:7:20 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:9:19:9:25 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:10:16:10:22 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:12:19:12:25 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/DomBasedXss/various-concat-obfuscations.js:15:27:15:55 | (attrs. ... 'left') |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:5:11:5:11 | x |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:9:11:9:13 | foo |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:21 | foo + "bar" |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:27:19:27:21 | foo |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:33:11:33:22 | ["bar", foo] |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:68:19:68:21 | foo |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | foo.match(/foo/) |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:95:11:95:22 | [foo, "bar"] |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:102:12:102:14 | foo |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:23 | req.params.id |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | session ... ssion') |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:22 | req.params.id |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:148:33:148:35 | foo |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:171:11:171:17 | tainted |
| DomBasedXssAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:22 | req.params.id |
| DomBasedXssAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] |
| DomBasedXssAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body |
| DomBasedXssAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:54 | req.body |
| DomBasedXssAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body |
| DomBasedXssAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:75 | req.body |
| DomBasedXssAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:57 | req.params.id |
| DomBasedXssAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:13:42:13:48 | req.url |
| DomBasedXssAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:40:42:40:50 | [req.url] |
| DomBasedXssAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url |
| DomBasedXssAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:49:38:49:44 | req.url |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:24:14:32 | { id: v } |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:27:22:35 | { id: v } |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:27:23:35 | { id: v } |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/marsdb-flow-to.js:10:17:10:18 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/marsdb.js:12:17:12:18 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/minimongo.js:14:17:14:18 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:12:19:12:20 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:48:19:48:20 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:59:16:59:17 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:106:17:106:18 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:12:19:12:20 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb_bodySafe.js:23:19:23:20 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:20:19:20:20 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:76:12:76:16 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:81:37:81:41 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:86:46:86:50 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:88:51:88:55 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:90:49:90:53 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:93:43:93:47 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:95:48:95:52 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:97:46:97:50 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:99:44:99:48 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongooseJsonParse.js:19:19:19:20 | {} |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:7:55 | "SELECT ... PRICE" |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:23:63:27 | query |
| NosqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:28:52:30 | key |
| NosqlInjectionAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:312:19:312:22 | path |
| NosqlInjectionAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath |
| NosqlInjectionAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:328:19:328:32 | normalizedPath |
| NosqlInjectionAtmConfig | autogenerated/TaintedPath/pupeteer.js:9:20:9:50 | { path: ... 'a4' } |
| NosqlInjectionAtmConfig | autogenerated/TaintedPath/pupeteer.js:13:29:13:45 | { path: tainted } |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/dates.js:17:49:17:53 | taint |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/nodemailer.js:8:22:14:3 | {\\n f ... OK\\n } |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:47 | req.query.receiver |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:32 | data.w |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:41 | data.w |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:29 | data[p] |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:15:37:15:42 | target |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:83:29:83:52 | documen ... .search |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:86:31:86:54 | documen ... .search |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:87:28:87:51 | documen ... .search |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:199:32:199:75 | {danger ... inted}} |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:200:32:200:75 | {danger ... inted}} |
| NosqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:361:14:361:19 | target |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:5:11:5:11 | x |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:9:11:9:13 | foo |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:21 | foo + "bar" |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:27:11:27:23 | { prop: foo } |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:33:11:33:22 | ["bar", foo] |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:68:19:68:21 | foo |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | foo.match(/foo/) |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:95:11:95:22 | [foo, "bar"] |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:102:12:102:14 | foo |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:23 | req.params.id |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | session ... ssion') |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:22 | req.params.id |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:148:33:148:35 | foo |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:171:11:171:17 | tainted |
| NosqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:22 | req.params.id |
| NosqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:54 | req.body |
| NosqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body |
| NosqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:75 | req.body |
| NosqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:13:42:13:48 | req.url |
| NosqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:40:42:40:50 | [req.url] |
| NosqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:49:38:49:44 | req.url |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:30:14:30 | v |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:33:22:33 | v |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:33:23:33 | v |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:25:23:25:48 | JSON.pa ... y.data) |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:22:77:24 | tag |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:20:85:22 | tag |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:23:130:24 | id |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:30:131:31 | id |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:22:11:22 | v |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:32 | req.body.id |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:22:13:37 | `${req.body.id}` |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:7:34 | "SELECT ... ategory |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:6:15:7:55 | "SELECT ... PRICE" |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:25 | req.params.id |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:27 | req.params.name |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:27 | req.params.name |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:23:63:27 | query |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:28:52:30 | key |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:8:34 | "SELECT ... ategory |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:7:16:8:55 | "SELECT ... PRICE" |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/tst4.js:8:10:8:60 | 'SELECT ... rams.id |
| SqlInjectionAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/tst.js:10:10:10:58 | 'SELECT ... rams.id |
| SqlInjectionAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:312:19:312:22 | path |
| SqlInjectionAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath |
| SqlInjectionAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:328:19:328:32 | normalizedPath |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/classnames.js:10:45:10:55 | window.name |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/dates.js:15:65:15:69 | taint |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/dates.js:17:49:17:53 | taint |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:47 | req.query.receiver |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/nodemailer.js:12:11:12:69 | `Hi, yo ... sage}.` |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst3.js:6:27:6:32 | data.w |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst3.js:11:36:11:41 | data.w |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst3.js:15:23:15:29 | data[p] |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:15:37:15:42 | target |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:83:29:83:52 | documen ... .search |
| SqlInjectionAtmConfig | autogenerated/Xss/DomBasedXss/tst.js:86:31:86:54 | documen ... .search |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:5:11:5:11 | x |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:9:11:9:13 | foo |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:21:11:21:21 | foo + "bar" |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:27:19:27:21 | foo |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:33:19:33:21 | foo |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:68:19:68:21 | foo |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:89:11:89:26 | foo.match(/foo/) |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:95:12:95:14 | foo |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:102:12:102:14 | foo |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:23 | req.params.id |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:128:11:128:52 | session ... ssion') |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:22 | req.params.id |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:148:33:148:35 | foo |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:171:11:171:17 | tainted |
| SqlInjectionAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:22 | req.params.id |
| SqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] |
| SqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body |
| SqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:54 | req.body |
| SqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:57 | req.params.id |
| SqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:43 | msg.length |
| SqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:13:42:13:48 | req.url |
| SqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url |
| SqlInjectionAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:49:38:49:44 | req.url |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:14:30:14:30 | v |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:22:33:22:33 | v |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/typed/typedClient.ts:23:33:23:33 | v |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/json-schema-validator.js:26:25:26:29 | query |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:21:25:21:45 | '' + qu ... y.title |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:24:25:24:50 | query.b ... bstr(1) |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:77:22:77:24 | tag |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongodb.js:85:20:85:22 | tag |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:130:23:130:24 | id |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongoose.js:131:30:131:31 | id |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:11:22:11:22 | v |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:12:22:12:32 | req.body.id |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/mongooseModelClient.js:13:22:13:37 | `${req.body.id}` |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:26:13:26:25 | req.params.id |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:41:7:41:20 | req.params.foo |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:48:13:48:27 | req.params.name |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:55:13:55:27 | req.params.name |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/pg-promise.js:63:23:63:27 | query |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/redis.js:52:28:52:30 | key |
| TaintedPathAtmConfig | autogenerated/NosqlAndSqlInjection/untyped/tst3.js:16:23:16:41 | req.params.category |
| TaintedPathAtmConfig | autogenerated/TaintedPath/TaintedPath.js:115:12:115:51 | path.re ... /g, '') |
| TaintedPathAtmConfig | autogenerated/TaintedPath/TaintedPath.js:116:12:116:36 | path.re ... /g, '') |
| TaintedPathAtmConfig | autogenerated/TaintedPath/TaintedPath.js:128:11:128:50 | path.re ... /g, '') |
| TaintedPathAtmConfig | autogenerated/TaintedPath/TaintedPath.js:129:12:129:36 | path.re ... /g, '') |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:21:14:21:49 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:31:14:31:49 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:54:14:54:49 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:73:14:73:56 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:94:14:94:49 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:106:14:106:49 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:117:14:117:44 | fs.real ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:130:14:130:49 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:139:14:139:62 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:148:14:148:58 | 'foo/' ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:160:14:160:49 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:214:14:214:49 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:219:10:219:33 | decodeU ... t(path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:226:14:226:70 | pathMod ... g, ' ') |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:230:12:230:36 | path.re ... /g, '') |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:236:14:236:47 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:254:14:254:47 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:312:19:312:22 | path |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:321:19:321:32 | normalizedPath |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:328:19:328:32 | normalizedPath |
| TaintedPathAtmConfig | autogenerated/TaintedPath/normalizedPaths.js:339:13:339:46 | pathMod ... y.path) |
| TaintedPathAtmConfig | autogenerated/Xss/DomBasedXss/nodemailer.js:10:30:10:47 | req.query.receiver |
| TaintedPathAtmConfig | autogenerated/Xss/DomBasedXss/nodemailer.js:12:11:12:69 | `Hi, yo ... sage}.` |
| TaintedPathAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:117:11:117:23 | req.params.id |
| TaintedPathAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:136:10:136:22 | req.params.id |
| TaintedPathAtmConfig | autogenerated/Xss/ExceptionXss/exception-xss.js:180:10:180:22 | req.params.id |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:5:32:22 | ['body', req.body] |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:32:14:32:21 | req.body |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:70:47:70:54 | req.body |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:99:31:99:38 | req.body |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXss.js:102:68:102:75 | req.body |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:19:45:19:57 | req.params.id |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/ReflectedXssGood.js:49:34:49:43 | msg.length |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:13:42:13:48 | req.url |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:40:42:40:50 | [req.url] |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:40:43:40:49 | req.url |
| TaintedPathAtmConfig | autogenerated/Xss/ReflectedXss/partial.js:49:38:49:44 | req.url |
Reference in New Issue View Git Blame Copy Permalink