GraphJet

Reflective XSS

Open QiAnXinCodeSafe opened this issue 6 years ago • 0 comments

Hi, I found a reflective XSS vulnerability in GetSimilarHashtagsServlet.java. Details are as follows: The "hashtag" parameter in the GET request is received at line 38 of the file. Without any filtering, it is output directly on line 58, which causes the XSS vulnerability on the page.

QiAnXinCodeSafe, Feb 21 '19 03:02