Tools required: BurpSuite, IDEA (Eclipse)
Source download:
https://github.com/zchuanzhao/jeesns/releases
Deployment Instructions:
https://gitee.com/zchuanzhao/jeesns#%E9%83%A8%E7%BD%B2%E8%AF%B4%E6%98%8E
Post the following payload in the "Twitter" function:
<object data=data:text/html;base64,PHNjcmlwdD5hbGVydCgiWFNTIik8L3NjcmlwdD4=>
This triggers the stored XSS vulnerability (an XSS vulnerability can be used to obtain other users' cookie values and so forge their identity to log in, which is risky):
The code flow starts in weibocontroller.java, which checks whether the user is logged in:

Then the XSS filter class is called, and the input value is checked for the following keywords. If any are present, the JavaScript statement is disabled by underlining those sensitive words. This filter can be circumvented by encoding, as in the payload above: <script>alert("XSS")</script>
Base64-encodes to PHNjcmlwdD5hbGVydCgiWFNTIik8L3NjcmlwdD4=
Using a pseudo-protocol (the data: URI) to trigger it bypasses detection:
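Why a keyword check on the raw post misses the payload above, and what catches it, shown as an added example that is not JeeSNS code. The class name, the keyword list and `keywordHit` (a stand-in for the project's filter, whose source is not shown on this page) are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class DataUriFilterDemo {
    // Hypothetical keyword list; the real filter's list is not shown on the page.
    static final List<String> KEYWORDS = List.of("<script", "javascript:", "onerror", "onload");

    // Stand-in for a keyword blacklist: true when any keyword appears in the raw text.
    static boolean keywordHit(String s) {
        String lower = s.toLowerCase();
        return KEYWORDS.stream().anyMatch(lower::contains);
    }

    // Matches base64 data: URIs and captures the encoded body.
    static final Pattern DATA_URI = Pattern.compile(
        "data:[^,\\s\"'>]*;base64,([A-Za-z0-9+/]+={0,2})", Pattern.CASE_INSENSITIVE);

    // Detection aid: decode each base64 data: URI and run the keyword check on the plaintext too.
    static boolean keywordHitAfterDecoding(String s) {
        if (keywordHit(s)) return true;
        Matcher m = DATA_URI.matcher(s);
        while (m.find()) {
            try {
                byte[] raw = Base64.getDecoder().decode(m.group(1));
                if (keywordHit(new String(raw, StandardCharsets.UTF_8))) return true;
            } catch (IllegalArgumentException ignored) {
                // Body was not valid base64, so there is nothing to inspect.
            }
        }
        return false;
    }

    // The durable fix: HTML-encode user text when rendering, so no markup survives at all.
    static String escapeHtml(String s) {
        return s.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")
                .replace("\"", "&quot;").replace("'", "&#x27;");
    }

    public static void main(String[] args) {
        // The payload quoted in this report.
        String post = "<object data=data:text/html;base64,PHNjcmlwdD5hbGVydCgiWFNTIik8L3NjcmlwdD4=>";
        System.out.println("blacklist on raw input:   " + keywordHit(post));
        System.out.println("blacklist after decoding: " + keywordHitAfterDecoding(post));
        System.out.println("rendered safely as:       " + escapeHtml(post));
    }
}
```

Decoding before matching is only a detection aid, since other encodings and tags remain; encoding on output (or an allowlist HTML sanitizer where markup must be permitted) is what closes the hole.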