You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: java/ql/src/experimental/Security/CWE/CWE-643/XPathInjection.qhelp
+6-6Lines changed: 6 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -5,14 +5,14 @@
5
5
<overview>
6
6
<p>
7
7
If an XPath expression is built using string concatenation, and the components of the concatenation
8
-
include user input, a user is likely to be able to create a malicious XPath expression.
8
+
include user input, it makes it very easy for a user to create a malicious XPath expression.
9
9
</p>
10
10
</overview>
11
11
12
12
<recommendation>
13
13
<p>
14
-
If user input must be included in an XPath expression, pre-compile the query and use variable
15
-
references to include the user input.
14
+
If user input must be included in an XPath expression, either sanitize the data or pre-compile the query
15
+
and use variable references to include the user input.
16
16
</p>
17
17
<p>
18
18
XPath injection can also be prevented by using XQuery.
@@ -22,14 +22,14 @@ XPath injection can also be prevented by using XQuery.
22
22
23
23
<example>
24
24
<p>
25
-
In the first, second, and third example, the code accepts a name and password specified by the user, and uses this
25
+
In the first three examples, the code accepts a name and password specified by the user, and uses this
26
26
unvalidated and unsanitized value in an XPath expression. This is vulnerable to the user providing
27
27
special characters or string sequences that change the meaning of the XPath expression to search
28
28
for different values.
29
29
</p>
30
30
31
31
<p>
32
-
In the fourth example, the code utilizes setXPathVariableResolver which prevents XPath Injection.
32
+
In the fourth example, the code uses `setXPathVariableResolver` which prevents XPath injection.
33
33
</p>
34
34
<p>
35
35
The fifth example is a dom4j XPath injection example.
@@ -39,6 +39,6 @@ The fifth example is a dom4j XPath injection example.
39
39
40
40
<references>
41
41
<li>OWASP: <ahref="https://owasp.org/www-project-web-security-testing-guide/latest/4-Web_Application_Security_Testing/07-Input_Validation_Testing/09-Testing_for_XPath_Injection">Testing for XPath Injection</a>.</li>
0 commit comments