Skip to content

Commit

Permalink
Remove XSS from list of vulnerabilities
Browse files Browse the repository at this point in the history
  • Loading branch information
@ursachec
ursachec committed Jul 17, 2023
1 parent 435330e commit dd34433
Show file tree
Hide file tree
Showing 2 changed files with 0 additions and 3 deletions.
2 changes: 0 additions & 2 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,6 @@ This project contains the following vulnerabilities:

- Remote Code Execution
- SQL injection
- XSS
- Insecure Deserialization
- Directory Traversal
- Open Redirect
Expand All @@ -47,7 +46,6 @@ $ grep vulnerability . -R -n | grep -v README
./flask_webgoat/actions.py:43: # vulnerability: Remote Code Execution
./flask_webgoat/users.py:37: # vulnerability: SQL Injection
./flask_webgoat/auth.py:17: # vulnerability: SQL Injection
./flask_webgoat/ui.py:14: # vulnerability: XSS
./flask_webgoat/actions.py:60: # vulnerability: Insecure Deserialization
./flask_webgoat/actions.py:35: # vulnerability: Directory Traversal
./flask_webgoat/auth.py:45: # vulnerability: Open Redirect
Expand Down
1 change: 0 additions & 1 deletion flask_webgoat/ui.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@ def search():
query_param = request.args.get("query")
if query_param is None:
message = "please provide the query parameter"
# vulnerability: XSS
return render_template("error.html", message=message)

try:
Expand Down

0 comments on commit dd34433

Please sign in to comment.