[Query Create2]: Detect code injection vulnerability in `juice-shop/juice-shop` app

### Target Language

javascript

### Query Name (Optional)

DemoJsCodeInjection

### Query Type

Security

### Query Description

https://github.com/github/codeql/blob/main/javascript/ql/src/Security/CWE-094/CodeInjection.inc.qhelp

### Expected Severity

Critical

### Code Examples

https://github.com/juice-shop/juice-shop/blob/master/routes/showProductReviews.ts

https://github.com/juice-shop/juice-shop/blob/master/lib/utils.ts

### CWE/CVE Reference (Optional)

CWE-094

### References (Optional)

[Expected query test results](https://github.com/github/codeql/blob/main/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/CodeInjection.expected)

### Code of Conduct

- [x] I agree to follow this project's Code of Conduct

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Query Create2]: Detect code injection vulnerability in `juice-shop/juice-shop` app #5

Target Language

Query Name (Optional)

Query Type

Query Description

Expected Severity

Code Examples

CWE/CVE Reference (Optional)

References (Optional)

Code of Conduct

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

[Query Create2]: Detect code injection vulnerability in juice-shop/juice-shop app #5

Description

Target Language

Query Name (Optional)

Query Type

Query Description

Expected Severity

Code Examples

CWE/CVE Reference (Optional)

References (Optional)

Code of Conduct

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions

[Query Create2]: Detect code injection vulnerability in `juice-shop/juice-shop` app #5