We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DataEase 版本 v1.18.4
Bug 描述 文件上传未作权限校验,未登录用户可以直接向后台上传任意文件,文件类型未作校验,可以上传任意类型文件
Bug 重现步骤 漏洞接口:static/resource/upload/
3.上传文件名为b1ace870-c3d6-11ed-9218-a9fe7c2f5491,文件名不重复即可
4.文件上传后存储在了static-resource目录,访问http://192.168.253.1:8091/static-resource/b1ace870-c3d6-11ed-9218-a9fe7c2f5491.html
弹出了cookie信息,形成存储XSS漏洞
The text was updated successfully, but these errors were encountered:
感谢反馈,我们会尽快修复
Sorry, something went wrong.
v1.18.5版本已处理,请升级最新版本。
BBchicken-9527
zrfit
No branches or pull requests
DataEase 版本
v1.18.4
Bug 描述
文件上传未作权限校验,未登录用户可以直接向后台上传任意文件,文件类型未作校验,可以上传任意类型文件
Bug 重现步骤
漏洞接口:static/resource/upload/
3.上传文件名为b1ace870-c3d6-11ed-9218-a9fe7c2f5491,文件名不重复即可
4.文件上传后存储在了static-resource目录,访问http://192.168.253.1:8091/static-resource/b1ace870-c3d6-11ed-9218-a9fe7c2f5491.html
弹出了cookie信息,形成存储XSS漏洞
![image](https://user-images.githubusercontent.com/94107024/225583171-3a5d7da3-abd5-4850-8a44-6e242140e3f6.png)
The text was updated successfully, but these errors were encountered: