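Because some special characters are not filtered, closing characters can be added to the input, which leads to an XSS vulnerability.
The PoC is as follows:
Dashboard -> Users -> My Role -> Create new user -> fill the Role Name with "> and then click "add user"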
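The flaw described above, shown as an added example that is not code from the affected application: a role name concatenated into a quoted HTML attribute next to the same template with output encoding and an allowlist check. All function and field names, the 64-character limit and the sample value are assumptions made for illustration.

```javascript
// Added example; every function and field name here is hypothetical.
const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Output encoding for HTML text and quoted attribute values.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Input validation: allowlist of letters, digits, space, underscore, hyphen.
function isValidRoleName(name) {
  return typeof name === 'string' && /^[\p{L}\p{N} _-]{1,64}$/u.test(name);
}

// Vulnerable pattern: the stored value is concatenated into a quoted attribute.
function renderRoleFieldUnsafe(roleName) {
  return '<input name="role_name" value="' + roleName + '">';
}

// Hardened form: same template, value encoded at output time.
function renderRoleFieldSafe(roleName) {
  return '<input name="role_name" value="' + escapeHtml(roleName) + '">';
}

// Returns whatever follows the end of the <input> tag, reading the value
// attribute up to its first double quote as an HTML parser would.
function markupAfterTag(html) {
  const valueStart = html.indexOf('value="') + 'value="'.length;
  const closingQuote = html.indexOf('"', valueStart);
  const tagEnd = html.indexOf('>', closingQuote);
  return html.slice(tagEnd + 1);
}

// Constructed sample: the closing characters from the PoC plus inert marker text.
const sampleRoleName = '">MARKER';

console.log(markupAfterTag(renderRoleFieldUnsafe(sampleRoleName)));
console.log(markupAfterTag(renderRoleFieldSafe(sampleRoleName)));
console.log(isValidRoleName(sampleRoleName), isValidRoleName('Site Editor'));
```

In the unsafe rendering the text after the closing characters lands outside the tag, where the browser parses it as page markup; in the encoded rendering nothing escapes the attribute.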
Putian SEO Network Security Research