microsoft
diff --git a/‎python/ql/src/experimental/Security/CWE-079/ReflectedXSS.ql renamed to ‎python/ql/src/experimental/Security/CWE-079/EmailXss.ql
Lines changed: 4 additions & 4 deletions b/‎python/ql/src/experimental/Security/CWE-079/ReflectedXSS.ql renamed to ‎python/ql/src/experimental/Security/CWE-079/EmailXss.ql
Lines changed: 4 additions & 4 deletions
diff --git a/‎python/ql/src/experimental/semmle/python/security/dataflow/ReflectedXSS.qll renamed to ‎python/ql/src/experimental/semmle/python/security/dataflow/EmailXss.qll
Lines changed: 4 additions & 9 deletions b/‎python/ql/src/experimental/semmle/python/security/dataflow/ReflectedXSS.qll renamed to ‎python/ql/src/experimental/semmle/python/security/dataflow/EmailXss.qll
Lines changed: 4 additions & 9 deletions
diff --git a/‎python/ql/test/experimental/query-tests/Security/CWE-079/ReflectedXSS.expected renamed to ‎python/ql/test/experimental/query-tests/Security/CWE-079/EmailXss.expected b/‎python/ql/test/experimental/query-tests/Security/CWE-079/ReflectedXSS.expected renamed to ‎python/ql/test/experimental/query-tests/Security/CWE-079/EmailXss.expected
diff --git a/‎python/ql/test/experimental/query-tests/Security/CWE-079/EmailXss.qlref
Lines changed: 1 addition & 0 deletions b/‎python/ql/test/experimental/query-tests/Security/CWE-079/EmailXss.qlref
Lines changed: 1 addition & 0 deletions
diff --git a/‎python/ql/test/experimental/query-tests/Security/CWE-079/ReflectedXSS.qlref
Lines changed: 0 additions & 1 deletion b/‎python/ql/test/experimental/query-tests/Security/CWE-079/ReflectedXSS.qlref
Lines changed: 0 additions & 1 deletion
@@ -15,10 +15,10 @@
 
 // determine precision above
 import python
-import experimental.semmle.python.security.dataflow.ReflectedXSS
-import ReflectedXSSFlow::PathGraph
+import experimental.semmle.python.security.dataflow.EmailXss
+import EmailXssFlow::PathGraph
 
-from ReflectedXSSFlow::PathNode source, ReflectedXSSFlow::PathNode sink
-where ReflectedXSSFlow::flowPath(source, sink)
+from EmailXssFlow::PathNode source, EmailXssFlow::PathNode sink
+where EmailXssFlow::flowPath(source, sink)
 select sink.getNode(), source, sink, "Cross-site scripting vulnerability due to $@.",
   source.getNode(), "a user-provided value"
@@ -1,6 +1,5 @@
 /**
- * Provides a taint-tracking configuration for detecting reflected server-side
- * cross-site scripting vulnerabilities.
+ * Provides a taint-tracking configuration for detecting "Email XSS" vulnerabilities.
  */
 
 import python
@@ -12,11 +11,7 @@ import experimental.semmle.python.Concepts
 import semmle.python.Concepts
 import semmle.python.ApiGraphs
 
-/**
- * A taint-tracking configuration for detecting reflected server-side cross-site
- * scripting vulnerabilities.
- */
-private module ReflectedXSSConfig implements DataFlow::ConfigSig {
+private module EmailXssConfig implements DataFlow::ConfigSig {
   predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }
 
   predicate isSink(DataFlow::Node sink) { sink = any(EmailSender email).getHtmlBody() }
@@ -41,5 +36,5 @@ private module ReflectedXSSConfig implements DataFlow::ConfigSig {
   }
 }
 
-/** Global taint-tracking for detecting "TODO" vulnerabilities. */
-module ReflectedXSSFlow = TaintTracking::Global<ReflectedXSSConfig>;
+/** Global taint-tracking for detecting "Email XSS" vulnerabilities. */
+module EmailXssFlow = TaintTracking::Global<EmailXssConfig>;
@@ -0,0 +1 @@
+experimental/Security/CWE-079/EmailXss.ql
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1 @@`
	`1`	`+experimental/Security/CWE-079/EmailXss.ql`