Skip to content
This repository was archived by the owner on Dec 11, 2022. It is now read-only.

0xTeles/cwchallenge

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

30 Commits
.github
.github
 
 
app
app
 
 
assets
assets
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

CW Challenge

Resolution for the CW challenge technical assessment.

Tasks

  • Create new repository with vulnerable code.
  • Configure and enable Dependabot
  • Create script to get Dependabot alerts.
  • Display alerts on friendly way.
  • Integrate Dependabot with Discord.
  • Integrate Dependabot with Github Actions.

The application

The application is a API to get prices of cryptocurrencys and renderize the prices with EJS.

How to use

To use the API, send a GET request to /crypto/?currency=CURRENCY and get the price.

The vulnerability

The vulnerability of application is an Server Side Template Injection (based on CVE-2022-29078) that happens when the API can't find the currency.

Resources

CVE-2022-29078

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages