Skip to content

Commit 8f1fc9e

Browse files
mchammer01mchammer01
authored
Update MvelInjection.qhelp
Minor tweaks
1 parent 68df802 commit 8f1fc9e

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

java/ql/src/Security/CWE/CWE-094/MvelInjection.qhelp

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -3,11 +3,11 @@
33

44
<overview>
55
<p>
6-
MVEL is an expression language based on Java-syntax.
7-
The language offers many features
6+
MVEL is an expression language based on Java-syntax,
7+
which offers many features
88
including invocation of methods available in the JVM.
99
If a MVEL expression is built using attacker-controlled data,
10-
and then evaluated, then it may allow the attacker to run arbitrary code.
10+
and then evaluated, then it may allow attackers to run arbitrary code.
1111
</p>
1212
</overview>
1313

@@ -35,4 +35,4 @@ and then runs it in the default powerfull context.
3535
<a href="https://owasp.org/www-community/vulnerabilities/Expression_Language_Injection">Expression Language Injection</a>.
3636
</li>
3737
</references>
38-
</qhelp>
38+
</qhelp>

0 commit comments

Comments
 (0)