Redpeppersir
**Problem description:** The file type is not validated, so an attacker can upload a malicious file. The original extension is kept as-is via ToolUtil.getFileSuffix(picture.getOriginalFilename()), so a malicious HTML file can be uploaded and triggers XSS when it is accessed. **Fix suggestion:** Validate the extension of uploaded files, and have renderPicture return the image in base64-encoded form, e.g.: const base64Image = "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA..."; URL: /mgr/upload Parameter: file: picture
The /auth/uploadByUrl endpoint allows a URL to be submitted for the server to access. An attacker can exploit this to send requests to the server, and a Server-Side Request Forgery...
**Vulnerability Description**: The Spring routing parser ignores any content after ; in the URL (e.g., /;login) when looking up routes, but request.getRequestURI() retrieves the full URI path. This can lead...
ZIP Bomb
A vulnerability related to ZIP file handling has been discovered in the Jodd library. It allows attackers to exploit specially crafted high-compression ZIP files to consume a large amount of...
**Description:** Hardcoding the JWT secret key can lead to arbitrary users spoofing tokens. Since the travels-java-api is an open-source project, others can easily obtain the JWT secret key of travels-java-api....