3 matches found
CVE-2022-29001
In SpringBootMovie =1.2, the uploaded file suffix parameter is not filtered, resulting in arbitrary file upload vulnerability...
CVE-2022-28588
In SpringBootMovie =1.2 when adding movie names, malicious code can be stored because there are no filtering parameters, resulting in stored XSS...
SpringBootMovie 跨站脚本漏洞
SpringBootMovie, a Spring Boot-based movie website, is vulnerable to a cross-site scripting vulnerability in SpringBootMovie version 1.2 and earlier, which stems from a failure to filter parameters when adding movie names. An attacker could exploit this vulnerability to execute JavaScript code on...