-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #15629 from egregius313/egregius313/csharp/dataflo…
…w/threat-modeling/remove-stored-query-variants C#: Remove `Stored` variants of queries
- Loading branch information
Showing
36 changed files
with
274 additions
and
508 deletions.
There are no files selected for viewing
6 changes: 0 additions & 6 deletions
6
csharp/ql/src/Security Features/CWE-078/StoredCommandInjection.qhelp
This file was deleted.
Oops, something went wrong.
34 changes: 0 additions & 34 deletions
34
csharp/ql/src/Security Features/CWE-078/StoredCommandInjection.ql
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
6 changes: 0 additions & 6 deletions
6
csharp/ql/src/Security Features/CWE-089/SecondOrderSqlInjection.qhelp
This file was deleted.
Oops, something went wrong.
32 changes: 0 additions & 32 deletions
32
csharp/ql/src/Security Features/CWE-089/SecondOrderSqlInjection.ql
This file was deleted.
Oops, something went wrong.
6 changes: 0 additions & 6 deletions
6
csharp/ql/src/Security Features/CWE-090/StoredLDAPInjection.qhelp
This file was deleted.
Oops, something went wrong.
32 changes: 0 additions & 32 deletions
32
csharp/ql/src/Security Features/CWE-090/StoredLDAPInjection.ql
This file was deleted.
Oops, something went wrong.
6 changes: 0 additions & 6 deletions
6
csharp/ql/src/Security Features/CWE-643/StoredXPathInjection.qhelp
This file was deleted.
Oops, something went wrong.
32 changes: 0 additions & 32 deletions
32
csharp/ql/src/Security Features/CWE-643/StoredXPathInjection.ql
This file was deleted.
Oops, something went wrong.
5 changes: 5 additions & 0 deletions
5
csharp/ql/src/change-notes/2024-03-11-remove-stored-query-variants.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
--- | ||
category: majorAnalysis | ||
--- | ||
* The `Stored` variants of some queries (`cs/stored-command-line-injection`, `cs/web/stored-xss`, `cs/stored-ldap-injection`, `cs/xml/stored-xpath-injection`. `cs/second-order-sql-injection`) have been removed. If you were using these queries, their results can be restored by enabling the `file` and `database` threat models in your threat model configuration. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.