Enviar #651884: yi-ge get-header-ip master CWE-79información

Títuloyi-ge get-header-ip master CWE-79
Descripciónin file ip.php if (isset($_GET['callback'])) { echo trim($_GET['callback']) . '(' . json_encode(['ip' => $ip]) . ')'; } else { echo $ip . "\n"; } CWE: CWE-79-Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE Description: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Fuente⚠️ https://github.com/yi-ge/get-header-ip/blob/master/ip.php#L32
Usuario
 dev03303 (UID 85336)
Sumisión2025-09-10 09:08 (hace 8 meses)
Moderación2025-09-25 07:54 (15 days later)
EstadoAceptado
Entrada de VulDB325814 [yi-ge get-header-ip hasta 589b23d0eb0043c310a6a13ce4bbe2505d0d0b15 ip.php callback secuencias de comandos en sitios cruzados]
Puntos20

AnteriorVisión De ConjuntoPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!