Hello, Mr. Coder, there is a stored XSS in the front end which an attacker can use to escalate privileges.
When we access the URL below: http://127.0.0.1:8080/zrlog-2.1.0/post/%E8%AE%B0%E5%BD%95
we can see that it contains a comment module. It doesn't check the user input, so when we submit the
comment form with the payload below, this stored XSS happens.
When the cross-site script executes successfully, we can see that the front-end viewer's cookie has been stolen.
More seriously, when the admin logs in to the back end and accesses the comment management module, it causes the cross-site script submitted by the attacker to execute. After that, the admin's cookie is stolen, and the attacker uses the cookie to escalate privileges.
Suggestions:
1. Filter the parameters in the comment form below:
logId, userComment, web, userName, email
2. Write a global interceptor to filter the parameters input by the user, and use entity encoding to encode the parameters, to avoid the use of tags such as '<' or '>'.
Hope you guys fix this flaw quickly. If you have any requests, please contact me at the email below: 747289639@qq.com
When we access the URL below:

http://127.0.0.1:8080/zrlog-2.1.0/post/%E8%AE%B0%E5%BD%95

we can see that it contains a comment module. It doesn't check the user input, so when we submit the
comment form with the payload below, this stored XSS happens.
payload: ">
Request packet:
When the cross-site script executes successfully, we can see that the front-end viewer's cookie has been stolen.
Suggestions:
1. Filter the parameters in the comment form below:
logId, userComment, web, userName, email
2. Write a global interceptor to filter the parameters input by the user, and use entity encoding to encode the parameters, to avoid the use of tags such as '<' or '>'.
Hope you guys fix this flaw quickly. If you have any requests, please contact me at the email below:
747289639@qq.com