remove reference to command injection owasp

chanel-y · chanel-y · commit f375b812729a · 2025-04-22T09:26:48.000-07:00
diff --git a/powershell/ql/src/experimental/ConvertToSecureStringAsPlainText.qhelp b/powershell/ql/src/experimental/ConvertToSecureStringAsPlainText.qhelp
@@ -13,16 +13,10 @@ If you do need an ability to retrieve the password from somewhere without prompt
 </recommendation>
 <references>
 
-<li>
-OWASP:
-<a href="https://www.owasp.org/index.php/Command_Injection">Command Injection</a>.
-</li>
 <li>
 PSScriptAnalyzer:
 <a href="https://learn.microsoft.com/en-us/powershell/utility-modules/psscriptanalyzer/rules/avoidusingconverttosecurestringwithplaintext?view=ps-modules">AvoidUsingConvertToSecureStringWithPlainText</a>.
 </li>
-<!--  LocalWords:  CWE untrusted unsanitized Runtime
- -->
 
 </references>
 </qhelp>
diff --git a/powershell/ql/src/experimental/HardcodedComputerName.qhelp b/powershell/ql/src/experimental/HardcodedComputerName.qhelp
@@ -14,10 +14,6 @@
 </recommendation>
 <references>
 
-<li>
-OWASP:
-<a href="https://www.owasp.org/index.php/Command_Injection">Command Injection</a>.
-</li>
 <li>
 PSScriptAnalyzer:
 <a href="https://learn.microsoft.com/en-us/powershell/utility-modules/psscriptanalyzer/rules/avoidusingcomputernamehardcoded?view=ps-modules">AvoidUsingComputerNameHardcoded</a>.
diff --git a/powershell/ql/src/experimental/UseOfReservedCmdletChar.qhelp b/powershell/ql/src/experimental/UseOfReservedCmdletChar.qhelp
@@ -17,16 +17,10 @@ Reserved Characters include: #,(){}[]&/\\$^;:\"'<>|?@`*%+=~
 </recommendation>
 <references>
 
-<li>
-OWASP:
-<a href="https://www.owasp.org/index.php/Command_Injection">Command Injection</a>.
-</li>
 <li>
 PSScriptAnalyzer:
 <a href="https://learn.microsoft.com/en-us/powershell/utility-modules/psscriptanalyzer/rules/reservedcmdletchar?view=ps-modules">ReservedCmdletChar</a>.
 </li>
-<!--  LocalWords:  CWE untrusted unsanitized Runtime
- -->
 
 </references>
 </qhelp>
diff --git a/powershell/ql/src/experimental/UsernameOrPasswordParameter.qhelp b/powershell/ql/src/experimental/UsernameOrPasswordParameter.qhelp
@@ -14,16 +14,11 @@
 </recommendation>
 <references>
 
-<li>
-OWASP:
-<a href="https://www.owasp.org/index.php/Command_Injection">Command Injection</a>.
-</li>
+
 <li>
 PSScriptAnalyzer:
 <a href="https://learn.microsoft.com/en-us/powershell/utility-modules/psscriptanalyzer/rules/avoidusingusernameandpasswordparams?view=ps-modules">AvoidUsingUsernameAndPasswordParams</a>.
 </li>
-<!--  LocalWords:  CWE untrusted unsanitized Runtime
- -->
 
 </references>
 </qhelp>
