VulnerableApp icon indicating copy to clipboard operation
VulnerableApp copied to clipboard

Published 20 hours ago verified publisher icon SasanLabs

Adding Secure Implementation for PathTraversal Vulnerability

Open preetkaran20 opened this issue 4 years ago • 0 comments
trafficstars

**Describe the enhancement ** Path Traversal Vulnerability doesn't have a secure implementation so we need to add the Secure implementation. This vulnerability, we need to also validate other levels for PathTraversal vulnerability that they are exploitable or not.

Glimpse of Path traversal vulnerability: image

** How to Fix ** Add a new Level in https://github.com/SasanLabs/VulnerableApp/blob/master/src/main/java/org/sasanlabs/service/vulnerability/pathTraversal/PathTraversalVulnerability.java similar to how we added the other levels which has all the validations properly implemented. Adding Variant as secure to the annotation of the level which is VulnerableAppRequestMapping.

preetkaran20 avatar Sep 25 '21 14:09 preetkaran20