GitHub/quartz
1
0
Fork 2
mirror of https://github.com/jackyzha0/quartz.git synced 2025-12-27 14:54:05 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

vault backup: 2022-09-08 12:38:14

Browse Source
This commit is contained in:
Jet Hughes 2022-09-08 12:38:14 +12:00
parent df96ce6159
commit 97aa36ebb4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
content/notes/ass01-security-audit.md
View File

@ -33,7 +33,7 @@ Jet Hughes - 9474308
- You was able to update a product name to be a script which would then run on others systems - You was able to update a product name to be a script which would then run on others systems
- e.g. '; update PRODUCT set DESCRIPTION = '<script>alert("hello")</script>' where PRODUCT_ID = 67696;-- - e.g. '; update PRODUCT set DESCRIPTION = '<script>alert("hello")</script>' where PRODUCT_ID = 67696;--
- this could be used to export JSESSIONIDs of other users. Which would allow the attack to access their account (while the other user is logged in). - this could be used to export JSESSIONIDs of other users. Which would allow the attack to access their account (while the other user is logged in).
- It could also be used to present the user with a message - It could also be used to present the user with a legitamate seeming message encouraging them to open a malicious link.
## Path traversal ## Path traversal
- You can access the welcome page simply using the path /catalogue/welcome.jsp. This will load the welcome page with the username null. However it is unclear whether this is a security issue as curently the welcome page offers no functionality. - You can access the welcome page simply using the path /catalogue/welcome.jsp. This will load the welcome page with the username null. However it is unclear whether this is a security issue as curently the welcome page offers no functionality.