Commit
Update README.md
stefan-schiller-sonarsource committed Jul 26, 2023
1 parent 3ca06d4 commit 82e35ac
Showing 1 changed file with 14 additions and 2 deletions.
16 changes: 14 additions & 2 deletions README.md
@@ -48,7 +48,7 @@ This PR adds a feature to migrate users from the existing H2 database to MySQL.
* DeepSAST Dataflow:
* Sink: `ca.odell.glazedlists.impl.io.BeanXMLByteCoder.decode`

This PR adds a new feature to import users from an XML file. Although the code itself does not seem to contain any vulnerabilities, the `decode` library function is vulnerable to deserialzation if the passed argument is user-controllable. Thus this PR introduces a critical vulnerability due to the usage of the unsafe library function.
This PR adds a new feature to import users from an XML file. Although the code itself does not seem to contain any vulnerabilities, the `decode` library function is vulnerable to deserialization if the passed argument is user-controllable. Thus this PR introduces a critical vulnerability due to the usage of the unsafe library function.


## Setup instructions
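Review bot: the spelling fix in the replaced paragraph is correct, but the clause "Although the code itself does not seem to contain any vulnerabilities" still undersells what the `Sink:` line above says: the problem is that user-controllable XML reaches `ca.odell.glazedlists.impl.io.BeanXMLByteCoder.decode`, which deserializes it. Suggest wording it as "the PR's own code contains no obvious flaw, but it passes user-controllable XML to `BeanXMLByteCoder.decode`, which deserializes it" so the reader sees why a dataflow rule, rather than a pattern match on the PR's code, is needed to catch it.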
@@ -57,7 +57,6 @@ This repository is supposed to be added as a SonarCloud project for analysis via

* Fork this project *with all branches* (untick the default checkbox, "Copy the `main` branch only").
* Go to the `Actions` tab of your forked repository and enable workflows by selecting `I understand my workflows, go ahead and enable them`.
* Go to the `Pull requests` tab and create a new PR from the `introduce-user-migration-feature` and `allow-imports` branch to the `main` branch of your fork. Be careful that, by default, the PR targets the upstream repository.
* Go to [sonarcloud.io](https://sonarcloud.io/sessions/new) and sign up with your GitHub account.
* Create a new organization under your name if there is none.
* Give SonarCloud permission to see the forked repository.
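Review bot: dropping the `Pull requests` step from this position makes sense because the PRs are only analyzed once the SonarCloud workflow is in place, but the list now gives no hint that the step is deferred, so a reader working through the Setup section from the top may create the PRs here anyway out of habit. Consider leaving a one-line pointer in this spot, e.g. "(create the Pull Requests as the last step, see below)".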
@@ -67,5 +66,18 @@ This repository is supposed to be added as a SonarCloud project for analysis via
* Add the displayed GitHub Secret to your repository.
* Update the `sonar.organization` value in the `pom.xml` file.
* Copy & paste the displayed content to `.github/workflows/build.yml` and set the `java-version` to `17`.
* On your GitHub repository: Go to the `Pull requests` tab and create a new PR from the `introduce-user-migration-feature` and `allow-imports` branches to the `main` branch of your fork. Be careful that, by default, the PR targets the upstream repository.

The first two issues will be displayed on the `main` branch and the other two issues on distinct Pull Requests.

## Real-World Examples

This table contains examples of DeepSAST findings in real-world projects:

| Link | Lang | Project | Issue type | Comment |
| --- | --- | --- | --- | --- |
| [SonarCloud](https://sonarcloud.io/project/issues?id=org.monarchinitiative.exomiser:exomiser&open=AYaYnkzfchh4gFFcKnDe) | Java | Small open-source | Log Injection | Dataflow with passthrough |
| [SonarCloud](https://sonarcloud.io/project/issues?id=dmatej_glassfish&open=AYX94MJvhKb2vw3fmeKu) | Java | Eclipse Glassfish | Path Injection | Innocent looking sink |
| [SonarCloud](https://sonarcloud.io/project/issues?id=siguser_benchmarkjava-gh&open=AYjEl06qrBlwzkIdugy7) | Java | OWASP Benchmark | SQL Injection | Rare sink, popular benchmark |
| [SonarCloud](https://sonarcloud.io/project/issues?id=lightswitch05_zwave-js-ui&open=AYaUAEYH58jG26HSBsPN) | TS | Medium open-source | File Delete | Simple, critical issue in TS |
| [SonarCloud](https://sonarcloud.io/project/issues?id=Visclo96_spring-boot&open=AYbbZ3D1FcQgtBJC0HXd) | Java | Spring Boot | Deserialize | Simple issue, popular project |

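Review bot: the moved step "create a new PR from the `introduce-user-migration-feature` and `allow-imports` branches to the `main` branch of your fork" reads as a single PR with two source branches, which is not possible; the closing sentence "the other two issues on distinct Pull Requests" confirms two PRs are intended. Suggest "create two Pull Requests, one from each of the `introduce-user-migration-feature` and `allow-imports` branches, targeting the `main` branch of your fork". In the new table, the `Lang` column mixes the full name "Java" with the abbreviation "TS"; spell out "TypeScript" for consistency.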