Add security severity + fix qhelp

joefarebrother · joefarebrother · commit e4e02ec67499 · 2024-12-09T19:56:03.000Z
diff --git a/python/ql/src/Security/CWE-074/TemplateInjection.qhelp b/python/ql/src/Security/CWE-074/TemplateInjection.qhelp
@@ -12,7 +12,7 @@
         </p>
     </recommendation>
     <example>
-        <p>In the following case <code>template<code> is used to generate a Jinja2 template string. This can lead to remote code execution. </p>
+        <p>In the following case, <code>template</code> is used to generate a Jinja2 template string. This can lead to remote code execution. </p>
         <sample src="examples/JinjaBad.py" />
 
         <p>The following is an example of a string that could be used to cause remote code execution when interpreted as a template:</p>
diff --git a/python/ql/src/Security/CWE-074/TemplateInjection.ql b/python/ql/src/Security/CWE-074/TemplateInjection.ql
@@ -4,6 +4,7 @@
  * @kind path-problem
  * @problem.severity error
  * @precision high
+ * @security-severity 9.3
  * @id py/template-injection
  * @tags security
  *       external/cwe/cwe-074
