advanced-security
diff --git a/‎javascript/frameworks/ui5/ext/qlpack.yml‎
Lines changed: 1 addition & 1 deletion b/‎javascript/frameworks/ui5/ext/qlpack.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎javascript/frameworks/ui5/lib/advanced_security/javascript/frameworks/ui5/RemoteFlowSources.qll‎
Lines changed: 12 additions & 0 deletions b/‎javascript/frameworks/ui5/lib/advanced_security/javascript/frameworks/ui5/RemoteFlowSources.qll‎
Lines changed: 12 additions & 0 deletions
@@ -1,7 +1,7 @@
 ---
 library: true
 name: advanced-security/javascript-sap-ui5-models
-version: 0.5.0
+version: 0.6.0
 extensionTargets:
   codeql/javascript-all: "^0.8.7"
 dataExtensions:
 
@@ -123,6 +123,18 @@ private class RouteParameterAccess extends RemoteFlowSource instanceof PropRead
   }
 }
 
+private class DisplayEventHandlerParameterAccess extends RemoteFlowSource instanceof PropRead {
+  override string getSourceType() { result = "DisplayEventHandlerParameterAccess" }
+
+  DisplayEventHandlerParameterAccess() {
+    exists(DisplayEventHandler handler, MethodCallNode getParameterCall |
+      getParameterCall.getMethodName() = "getParameter" and
+      this.getBase().getALocalSource() = getParameterCall and
+      handler.getParameter(0) = getParameterCall.getReceiver().getALocalSource()
+    )
+  }
+}
+
 /**
  * Method calls that fetch a piece of data either from a library control capable of accepting user input, or from a URI parameter.
  */