You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Reflected Cross Site Scripting in /vulnerabilities/xss.js
Fixability: we don't have available fix now Overview:
Found reflected xss, in the sink function res.send
The parameter req.query.name is most likely controlled by users and can be injected by exploits like this:- req.query.name = <script>alert(document.cookie)</script> req.query.name = <img src=/ onerror=alert(document.cookie)
Fix
Validate user parameter req.query.name in line 4 to be safe from javascript code that used by function res.send.
Reflected Cross Site Scripting in /vulnerabilities/xss.js
Fixability: we don't have available fix now
Overview:
Found reflected xss, in the sink function
res.send
The parameter
req.query.name
is most likely controlled by users and can be injected by exploits like this:-req.query.name
=<script>alert(document.cookie)</script>
req.query.name
=<img src=/ onerror=alert(document.cookie)
Fix
req.query.name
in line 4 to be safe from javascript code that used by functionres.send
.crazy-vulnerable-nodejs-application/vulnerabilities/xss.js
Line 4 in 0f98947
refrence id: 253715876755738992
What do you want me to do next?
details
@shieldfy details
ignore
@shieldfy ignore
?The text was updated successfully, but these errors were encountered: