Skip to content

Commit

Permalink
Ruby: use in ReflectedXss
Browse files Browse the repository at this point in the history
  • Loading branch information
@asgerf
asgerf committed Dec 16, 2024
1 parent fd2b8d7 commit c417dc4
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,9 +15,9 @@

import codeql.ruby.AST
import codeql.ruby.security.ReflectedXSSQuery
import ReflectedXssFlow::PathGraph
import ReflectedXssFlow

from ReflectedXssFlow::PathNode source, ReflectedXssFlow::PathNode sink
where ReflectedXssFlow::flowPath(source, sink)
from PathNode source, PathNode sink
where flowPath(source, sink)
select sink.getNode(), source, sink, "Cross-site scripting vulnerability due to a $@.",
source.getNode(), "user-provided value"

0 comments on commit c417dc4

Please sign in to comment.