Update ql/src/Security/CWE-349/CachePoisoning.ql

Alvaro Muñoz · JarLob · web-flow · commit 409a6aa1373d · 2024-05-08T18:48:16.000+02:00
Co-authored-by: Jaroslav Lobačevski &lt;jarlob@github.com&gt;
diff --git a/ql/src/Security/CWE-349/CachePoisoning.ql b/ql/src/Security/CWE-349/CachePoisoning.ql
@@ -43,4 +43,4 @@ where
     // (The cache specific token can be leaked even for non-privileged workflows)
     checkout.getAFollowingStep() instanceof PoisonableStep
   )
-select checkout, "Potential cache poisoning on privileged workflow."
+select checkout, "Potential cache poisoning of a default branch."

Original file line number	Diff line number	Diff line change
`@@ -43,4 +43,4 @@ where`
`43`	`43`	`// (The cache specific token can be leaked even for non-privileged workflows)`
`44`	`44`	`checkout.getAFollowingStep() instanceof PoisonableStep`
`45`	`45`	`)`
`46`		`-select checkout, "Potential cache poisoning on privileged workflow."`
	`46`	`+select checkout, "Potential cache poisoning of a default branch."`