Skip to content

There is an XSS vulnerability in src/main/java/com/wuhao/wuhaozn_springboot/control/Product_all_control.java #5

Description

@liyunqiangs

There is no filtering or escaping of user input.

Image

Fully trust the queried database data and output it directly.

Image

Access the URL to add product information,and enter an XSS attack payload as the product name.

Image

Inquire about product information.

Image

Trigger XSS attack.

Image

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions