rspec/rules/S5131/summary.adoc

This vulnerability makes it possible to temporarily execute JavaScript code in the context of the application, granting access to the session of the victim. This is possible because user-provided data, such as URL parameters, are copied into the HTML body of the HTTP response that is sent back to the user.
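
The mechanism described above, shown as an added example that is not part of the rule's own text: a response builder that copies a URL parameter into the HTML body verbatim, next to one that HTML-encodes it at output. The function names, the `q` parameter and the sample request are assumptions constructed for illustration.

```javascript
// Added example; renderUnsafe, renderSafe and the "q" parameter are hypothetical names.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode the characters that are significant in HTML text and quoted attribute values.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Read the "q" parameter from a request URL (the base host is a placeholder).
function queryParam(requestUrl) {
  return new URL(requestUrl, 'http://app.example').searchParams.get('q') ?? '';
}

// Vulnerable: the parameter is copied unchanged into the HTML body of the response.
function renderUnsafe(requestUrl) {
  return `<p>Results for: ${queryParam(requestUrl)}</p>`;
}

// Hardened: the parameter is HTML-encoded at the point where it is written out.
function renderSafe(requestUrl) {
  return `<p>Results for: ${escapeHtml(queryParam(requestUrl))}</p>`;
}

// Check used to compare the two responses: does the body contain a live script element?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed request whose parameter value carries markup instead of a search term.
const SAMPLE_URL = '/search?q=' + encodeURIComponent('<script>alert(1)</script>');

console.log('unsafe:', renderUnsafe(SAMPLE_URL), containsScriptTag(renderUnsafe(SAMPLE_URL)));
console.log('safe:  ', renderSafe(SAMPLE_URL), containsScriptTag(renderSafe(SAMPLE_URL)));
```

The encoding shown covers HTML text and quoted attribute contexts only; data written into script blocks, URLs or CSS needs the encoder for that context.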