Java Sec Code - Browse /v2.0.0 at SourceForge.net

The interactive file manager requires Javascript. Please enable it or use sftp or scp.
You may still browse the files here.

Name	Modified	Size	InfoDownloads / Week
Parent folder
java_sec_code_v20200407.tar.gz	2020-04-06	47.7 kB	0
java_sec_code_v20200407.zip	2020-04-06	88.7 kB	0
README.md	2020-04-06	2.4 kB	0
Totals: 3 Items		138.8 kB	0

Added Hook Socket function to solve SSRF DNS Rebinding bypass;
Fixed the bug that SSRF solution can cause DOS problem;
Fixed the bug that SSRF's internal network blacklist IP can be bypassed by 127.0.0.1;
Add the function of package uploading to dockerhub;
Added RCE vulnerability caused by xstream;
Added code injection vulnerability;
Added XXE vulnerability caused by XMLReader;
Added XXE vulnerability caused by DocumentHelper;
Added XXE vulnerability caused by poi-ooxml andxlsx-streamer;
Added JSON hijacking vulnerability caused by MappingJackson2JsonView;
Added Cors vulnerability code, and provide solution for verifying first-level domain names;
Added SSRF vulnerability caused by IOUtils andJsoup;
Added Mybatis SQL injection vulnerability;
Added the security verification function of Content-Type for file upload;
Added the function of jumping to the page before login after login;
Added the security verification function of Ojbect automatically transferring to Jsonp;
Add relevant code for obtaining cookies;
Added getRequestURI () to cause permission bypass vulnerability;
Added storage XSS vulnerability;
The security configuration of SSRF and URL is changed from code to XML;

Source: README.md, updated 2020-04-06

Java Sec Code Files