feat: add MaD to XSS query

GeekMasher · GeekMasher · commit c2929843380a · 2023-07-14T12:25:54.000+01:00
diff --git a/python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll b/python/ql/lib/semmle/python/security/dataflow/ReflectedXSSCustomizations.qll
@@ -7,6 +7,7 @@
 private import python
 private import semmle.python.dataflow.new.DataFlow
 private import semmle.python.Concepts
+private import semmle.python.frameworks.data.ModelsAsData
 private import semmle.python.dataflow.new.RemoteFlowSources
 private import semmle.python.dataflow.new.BarrierGuards
 
@@ -43,6 +44,13 @@ module ReflectedXss {
    */
   class RemoteFlowSourceAsSource extends Source, RemoteFlowSource { }
 
+  /**
+   * A data flow sink for "reflected cross-site scripting" vulnerabilities.
+   */
+  private class DefaultReflectedXss extends Sink {
+    DefaultReflectedXss() { this = ModelOutput::getASourceNode(["html-injection", "js-injection"]).asSource() }
+  }
+
   /**
    * The body of a HTTP response that will be returned from a server, considered as a flow sink.
    */
