Submit #592962: seaswalker spring-analysis master branch Cross Site Scriptinginfo

Titleseaswalker spring-analysis master branch Cross Site Scripting
DescriptionIn the spring-analysis repository, a XSS vulnerability exists in the /echo endpoint of the application. This issue arises because user-supplied input is embedded directly into the HTML output without proper sanitization or escaping, allowing attackers to inject arbitrary JavaScript code into the page. Project Link: https://github.com/seaswalker/spring-analysis Affected Version: master branch Affected API: /echo Code Path: /src/main/java/controller/SimpleController.java:41
Source⚠️ https://github.com/ShenxiuSec/cve-proofs/blob/main/POC-20250609-01/report.md
User
 ShenxiuSecurity (UID 84374)
Submission06/09/2025 05:54 (1 Year ago)
Moderation06/23/2025 10:55 (14 days later)
StatusAccepted
VulDB entry313621 [seaswalker spring-analysis up to 4379cce848af96997a9d7ef91d594aa129be8d71 SimpleController.java echo Name cross site scripting]
Points20

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!