Submit #592962: seaswalker spring-analysis master branch Cross Site Scriptinginfo

Titelseaswalker spring-analysis master branch Cross Site Scripting
BeschreibungIn the spring-analysis repository, a XSS vulnerability exists in the /echo endpoint of the application. This issue arises because user-supplied input is embedded directly into the HTML output without proper sanitization or escaping, allowing attackers to inject arbitrary JavaScript code into the page. Project Link: https://github.com/seaswalker/spring-analysis Affected Version: master branch Affected API: /echo Code Path: /src/main/java/controller/SimpleController.java:41
Quelle⚠️ https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250609-01/report.md
Benutzer
 ShenxiuSecurity (UID 84374)
Einreichung09.06.2025 05:54 (vor 1 Jahr)
Moderieren23.06.2025 10:55 (14 days later)
StatusAkzeptiert
VulDB Eintrag313621 [seaswalker spring-analysis bis 4379cce848af96997a9d7ef91d594aa129be8d71 SimpleController.java echo Name Cross Site Scripting]
Punkte20

ZurückÜbersichtWeiter

Do you know our Splunk app?

Download it now for free!