semmle ql

About this tag
Semmle QL is a query language used for variant analysis and vulnerability hunting in codebases. On WindowsForum.com, discussions cover its application to web security, specifically for finding DOM-based Cross-Site Scripting (XSS) vulnerabilities. The language is also applied to C and C++ codebases to detect issues like integer overflow, path traversal, and memory corruption. These topics are part of Microsoft's security research, as Semmle QL is a tool developed by Microsoft for code analysis. Users interested in automated vulnerability detection and secure coding practices will find relevant content on this tag.
  1. News

    Vulnerability hunting with Semmle QL: DOM XSS

    In two previous blog posts (part 1 and part 2), we talked about using Semmle QL in C and C++ codebases to find vulnerabilities such as integer overflow, path traversal, and those leading to memory corruption. In this post, we will explore applying Semmle QL to web security by hunting for one of...