The password accessing the article is flawed. The code only verifies the "halo-post-password-" + post.getPostId() in the cookie, but it does not verify that the password is correct.
Send the postId to the server by entering the wrong password, and then add the cookie "halo-post-password-4027 (current article id) = 96e79218965eb72c92a549dd5a330112 (any md5 encrypted string)" to access the encrypted article content.
我确定我已经查看了 (标注
[ ]为[x])我要申请 (标注
[ ]为[x])The password accessing the article is flawed. The code only verifies the "halo-post-password-" + post.getPostId() in the cookie, but it does not verify that the password is correct.
Send the postId to the server by entering the wrong password, and then add the cookie "halo-post-password-4027 (current article id) = 96e79218965eb72c92a549dd5a330112 (any md5 encrypted string)" to access the encrypted article content.
The vulnerability discoverer by Chaitin Tech.
The text was updated successfully, but these errors were encountered: