Soumettre #651884: yi-ge get-header-ip master CWE-79information

Titreyi-ge get-header-ip master CWE-79
Descriptionin file ip.php if (isset($_GET['callback'])) { echo trim($_GET['callback']) . '(' . json_encode(['ip' => $ip]) . ')'; } else { echo $ip . "\n"; } CWE: CWE-79-Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE Description: The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
La source⚠️ https://github.com/yi-ge/get-header-ip/blob/master/ip.php#L32
Utilisateur
 dev03303 (UID 85336)
Soumission10/09/2025 09:08 (il y a 8 mois)
Modérer25/09/2025 07:54 (15 days later)
StatutAccepté
Entrée VulDB325814 [yi-ge get-header-ip ip.php callback cross site scripting]
Points20

PrécédentAperçuSuivant

Do you want to use VulDB in your project?

Use the official API to access entries easily!