Thanks to visit codestin.com
Credit goes to github.com

Skip to content

Commit a9ea63b

Browse files
Alvaro Muñozshati-patel
Alvaro Muñoz
and
shati-patel
authored
Update java/change-notes/2020-10-27-insecure-bean-validation.md
Co-authored-by: Shati Patel <[email protected]>
1 parent 1fdf055 commit a9ea63b

1 file changed

Lines changed: 4 additions & 5 deletions

File tree

java/change-notes/2020-10-27-insecure-bean-validation.md

Lines changed: 4 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,5 @@
11
lgtm,codescanning
2-
* New query "Insecure Bean Validation" (java/insecure-bean-validation) added. This query
3-
finds Server-Side Template Injections caused by untrusted data flowing from a Bean
4-
property being validated into a custom constraint violation error message. This
5-
vulnerability leads to arbitrary code execution.
6-
2+
* A new query "Insecure Bean Validation" (`java/insecure-bean-validation`) has been added. This query
3+
finds server-side template injections caused by untrusted data flowing from a bean
4+
property into a custom error message for a constraint validator. This
5+
vulnerability can lead to arbitrary code execution.

0 commit comments

Comments
 (0)