diff --git a/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql b/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql index 994aba733d23..0e4a8f9741cd 100644 --- a/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql +++ b/cpp/ql/src/Security/CWE/CWE-079/CgiXss.ql @@ -4,7 +4,7 @@ * allows for a cross-site scripting vulnerability. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @precision high * @id cpp/cgi-xss * @tags security diff --git a/cpp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/cpp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 000000000000..0810e9c49bac --- /dev/null +++ b/cpp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,4 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `cpp/cgi-xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/csharp/ql/src/Security Features/CWE-079/XSS.ql b/csharp/ql/src/Security Features/CWE-079/XSS.ql index 8735d89ef500..b819ed06bf83 100644 --- a/csharp/ql/src/Security Features/CWE-079/XSS.ql +++ b/csharp/ql/src/Security Features/CWE-079/XSS.ql @@ -4,7 +4,7 @@ * allows for a cross-site scripting vulnerability. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @precision high * @id cs/web/xss * @tags security diff --git a/csharp/ql/src/Security Features/CWE-117/LogForging.ql b/csharp/ql/src/Security Features/CWE-117/LogForging.ql index 9494af335705..a922f1c02f8b 100644 --- a/csharp/ql/src/Security Features/CWE-117/LogForging.ql +++ b/csharp/ql/src/Security Features/CWE-117/LogForging.ql @@ -4,7 +4,7 @@ * insertion of forged log entries by a malicious user. * @kind path-problem * @problem.severity error - * @security-severity 7.8 + * @security-severity 6.1 * @precision high * @id cs/log-forging * @tags security diff --git a/csharp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/csharp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 000000000000..c317194bc259 --- /dev/null +++ b/csharp/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,5 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `cs/log-forging` has been reduced from 7.8 (high) to 6.1 (medium). +* The `@security-severity` metadata of `cs/web/xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql b/go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql index 15373ee85edf..f556630965c7 100644 --- a/go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql +++ b/go/ql/src/Security/CWE-079/HtmlTemplateEscapingBypassXss.ql @@ -5,7 +5,7 @@ * scripting vulnerability. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @precision high * @id go/html-template-escaping-bypass-xss * @tags security diff --git a/go/ql/src/Security/CWE-079/ReflectedXss.ql b/go/ql/src/Security/CWE-079/ReflectedXss.ql index 0fca12ac2858..ebabb69f0a4e 100644 --- a/go/ql/src/Security/CWE-079/ReflectedXss.ql +++ b/go/ql/src/Security/CWE-079/ReflectedXss.ql @@ -4,7 +4,7 @@ * a cross-site scripting vulnerability. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @precision high * @id go/reflected-xss * @tags security diff --git a/go/ql/src/Security/CWE-079/StoredXss.ql b/go/ql/src/Security/CWE-079/StoredXss.ql index 83628b310421..dcae0a5f9c1d 100644 --- a/go/ql/src/Security/CWE-079/StoredXss.ql +++ b/go/ql/src/Security/CWE-079/StoredXss.ql @@ -4,7 +4,7 @@ * a stored cross-site scripting vulnerability. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @precision low * @id go/stored-xss * @tags security diff --git a/go/ql/src/Security/CWE-117/LogInjection.ql b/go/ql/src/Security/CWE-117/LogInjection.ql index 5b6586c8e4e2..08febfd842e8 100644 --- a/go/ql/src/Security/CWE-117/LogInjection.ql +++ b/go/ql/src/Security/CWE-117/LogInjection.ql @@ -4,7 +4,7 @@ * insertion of forged log entries by a malicious user. * @kind path-problem * @problem.severity error - * @security-severity 7.8 + * @security-severity 6.1 * @precision medium * @id go/log-injection * @tags security diff --git a/go/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/go/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 000000000000..45320bcd719c --- /dev/null +++ b/go/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,5 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `go/log-injection` has been reduced from 7.8 (high) to 6.1 (medium). +* The `@security-severity` metadata of `go/html-template-escaping-bypass-xss`, `go/reflected-xss` and `go/stored-xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/java/ql/src/Security/CWE/CWE-079/AndroidWebViewAddJavascriptInterface.ql b/java/ql/src/Security/CWE/CWE-079/AndroidWebViewAddJavascriptInterface.ql index 4368b537ab7c..3b4abcaa7f68 100644 --- a/java/ql/src/Security/CWE/CWE-079/AndroidWebViewAddJavascriptInterface.ql +++ b/java/ql/src/Security/CWE/CWE-079/AndroidWebViewAddJavascriptInterface.ql @@ -4,7 +4,7 @@ * @description Exposing a Java object in a WebView with a JavaScript interface can lead to malicious JavaScript controlling the application. * @kind problem * @problem.severity warning - * @security-severity 6.1 + * @security-severity 7.8 * @precision medium * @tags security * external/cwe/cwe-079 diff --git a/java/ql/src/Security/CWE/CWE-079/AndroidWebViewSettingsEnabledJavaScript.ql b/java/ql/src/Security/CWE/CWE-079/AndroidWebViewSettingsEnabledJavaScript.ql index 561b2af8de02..3ea2b207c04b 100644 --- a/java/ql/src/Security/CWE/CWE-079/AndroidWebViewSettingsEnabledJavaScript.ql +++ b/java/ql/src/Security/CWE/CWE-079/AndroidWebViewSettingsEnabledJavaScript.ql @@ -4,7 +4,7 @@ * @kind problem * @id java/android/websettings-javascript-enabled * @problem.severity warning - * @security-severity 6.1 + * @security-severity 7.8 * @precision medium * @tags security * external/cwe/cwe-079 diff --git a/java/ql/src/Security/CWE/CWE-079/XSS.ql b/java/ql/src/Security/CWE/CWE-079/XSS.ql index 9ae92a7e362e..f1261ebff744 100644 --- a/java/ql/src/Security/CWE/CWE-079/XSS.ql +++ b/java/ql/src/Security/CWE/CWE-079/XSS.ql @@ -4,7 +4,7 @@ * allows for a cross-site scripting vulnerability. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @precision high * @id java/xss * @tags security diff --git a/java/ql/src/Security/CWE/CWE-117/LogInjection.ql b/java/ql/src/Security/CWE/CWE-117/LogInjection.ql index dd4ffb6a10a1..f3efb578f76a 100644 --- a/java/ql/src/Security/CWE/CWE-117/LogInjection.ql +++ b/java/ql/src/Security/CWE/CWE-117/LogInjection.ql @@ -4,7 +4,7 @@ * insertion of forged log entries by malicious users. * @kind path-problem * @problem.severity error - * @security-severity 7.8 + * @security-severity 6.1 * @precision medium * @id java/log-injection * @tags security diff --git a/java/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/java/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 000000000000..fa1288af16eb --- /dev/null +++ b/java/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,5 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `java/log-injection` has been reduced from 7.8 (high) to 6.1 (medium). +* The `@security-severity` metadata of `java/android/webview-addjavascriptinterface`, `java/android/websettings-javascript-enabled` and `java/xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/python/ql/src/Security/CWE-079/Jinja2WithoutEscaping.ql b/python/ql/src/Security/CWE-079/Jinja2WithoutEscaping.ql index 97bbb72edec9..fd03ba433a10 100644 --- a/python/ql/src/Security/CWE-079/Jinja2WithoutEscaping.ql +++ b/python/ql/src/Security/CWE-079/Jinja2WithoutEscaping.ql @@ -4,7 +4,7 @@ * cause a cross-site scripting vulnerability. * @kind problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @precision medium * @id py/jinja2/autoescape-false * @tags security diff --git a/python/ql/src/Security/CWE-079/ReflectedXss.ql b/python/ql/src/Security/CWE-079/ReflectedXss.ql index 11ebad00e375..286dbece126a 100644 --- a/python/ql/src/Security/CWE-079/ReflectedXss.ql +++ b/python/ql/src/Security/CWE-079/ReflectedXss.ql @@ -4,7 +4,7 @@ * allows for a cross-site scripting vulnerability. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @sub-severity high * @precision high * @id py/reflective-xss diff --git a/python/ql/src/Security/CWE-117/LogInjection.ql b/python/ql/src/Security/CWE-117/LogInjection.ql index f1b72faaccbd..64b29e142e08 100644 --- a/python/ql/src/Security/CWE-117/LogInjection.ql +++ b/python/ql/src/Security/CWE-117/LogInjection.ql @@ -4,7 +4,7 @@ * insertion of forged log entries by a malicious user. * @kind path-problem * @problem.severity error - * @security-severity 7.8 + * @security-severity 6.1 * @precision medium * @id py/log-injection * @tags security diff --git a/python/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/python/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 000000000000..4278d0171e34 --- /dev/null +++ b/python/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,5 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `py/log-injection` has been reduced from 7.8 (high) to 6.1 (medium). +* The `@security-severity` metadata of `py/jinja2/autoescape-false` and `py/reflective-xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/ruby/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/ruby/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 000000000000..459c2ce7f916 --- /dev/null +++ b/ruby/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,5 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `rb/log-injection` has been reduced from 7.8 (high) to 6.1 (medium). +* The `@security-severity` metadata of `rb/reflected-xss`, `rb/stored-xss` and `rb/html-constructed-from-input` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql b/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql index 8cc60618cc5c..04eed164046d 100644 --- a/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql +++ b/ruby/ql/src/queries/security/cwe-079/ReflectedXSS.ql @@ -4,7 +4,7 @@ * allows for a cross-site scripting vulnerability. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @sub-severity high * @precision high * @id rb/reflected-xss diff --git a/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql b/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql index a621aee00b03..a2a1752f7f4f 100644 --- a/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql +++ b/ruby/ql/src/queries/security/cwe-079/StoredXSS.ql @@ -4,7 +4,7 @@ * a stored cross-site scripting vulnerability. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @precision high * @id rb/stored-xss * @tags security diff --git a/ruby/ql/src/queries/security/cwe-079/UnsafeHtmlConstruction.ql b/ruby/ql/src/queries/security/cwe-079/UnsafeHtmlConstruction.ql index c1527783fc34..3fa40cd6f919 100644 --- a/ruby/ql/src/queries/security/cwe-079/UnsafeHtmlConstruction.ql +++ b/ruby/ql/src/queries/security/cwe-079/UnsafeHtmlConstruction.ql @@ -4,7 +4,7 @@ * user to perform a cross-site scripting attack. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @precision high * @id rb/html-constructed-from-input * @tags security diff --git a/ruby/ql/src/queries/security/cwe-117/LogInjection.ql b/ruby/ql/src/queries/security/cwe-117/LogInjection.ql index 624c2f90e64d..50a4a718e32d 100644 --- a/ruby/ql/src/queries/security/cwe-117/LogInjection.ql +++ b/ruby/ql/src/queries/security/cwe-117/LogInjection.ql @@ -4,7 +4,7 @@ * insertion of forged log entries by a malicious user. * @kind path-problem * @problem.severity error - * @security-severity 7.8 + * @security-severity 6.1 * @precision medium * @id rb/log-injection * @tags security diff --git a/rust/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/rust/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 000000000000..7c24d4147a5b --- /dev/null +++ b/rust/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,4 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `rust/xss` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/rust/ql/src/queries/security/CWE-079/XSS.ql b/rust/ql/src/queries/security/CWE-079/XSS.ql index 3c43f5043c74..e7609196b3e7 100644 --- a/rust/ql/src/queries/security/CWE-079/XSS.ql +++ b/rust/ql/src/queries/security/CWE-079/XSS.ql @@ -4,7 +4,7 @@ * allows for a cross-site scripting vulnerability. * @kind path-problem * @problem.severity error - * @security-severity 6.1 + * @security-severity 7.8 * @precision high * @id rust/xss * @tags security diff --git a/swift/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md b/swift/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md new file mode 100644 index 000000000000..a46302ed1462 --- /dev/null +++ b/swift/ql/src/change-notes/2026-03-13-adjust-xss-and-log-injection-severity.md @@ -0,0 +1,4 @@ +--- +category: queryMetadata +--- +* The `@security-severity` metadata of `swift/unsafe-webview-fetch` has been increased from 6.1 (medium) to 7.8 (high). diff --git a/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql b/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql index 7243d2216a59..3a2de3fa80ae 100644 --- a/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql +++ b/swift/ql/src/queries/Security/CWE-079/UnsafeWebViewFetch.ql @@ -3,7 +3,7 @@ * @description Fetching data in a WebView without restricting the base URL may allow an attacker to access sensitive local data, or enable cross-site scripting attack. * @kind path-problem * @problem.severity warning - * @security-severity 6.1 + * @security-severity 7.8 * @precision high * @id swift/unsafe-webview-fetch * @tags security