Skip to content

Commit 1ad7bd9

Browse files
SpaceWhiteSpaceWhite
committed
add sample code
1 parent a29ccd6 commit 1ad7bd9

File tree

1 file changed

+4
-0
lines changed

1 file changed

+4
-0
lines changed

java/ql/src/Security/CWE/CWE-094/ScriptEngine.java

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,4 @@
1+
// Bad: arbitrary code execution
2+
ScriptEngineManager scriptEngineManager = new ScriptEngineManager();
3+
ScriptEngine scriptEngine = scriptEngineManager.getEngineByExtension("js");
4+
Object result = scriptEngine.eval(code);

0 commit comments

Comments
 (0)