You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi!
I am a staff member of QiAnXin Code Guard. In our open source code detection project, I found two reflective xss vulnerabilities in mTracker. The details are as follows:
The errorErrorDescription method receives the errorcode parameter in the uri, and returns directly without checking. If the returned information is on the page, it will lead to cross-site scripting attack.
The same problem still exists in QueueService.java
The text was updated successfully, but these errors were encountered:
Hi!
I am a staff member of QiAnXin Code Guard. In our open source code detection project, I found two reflective xss vulnerabilities in mTracker. The details are as follows:
The errorErrorDescription method receives the errorcode parameter in the uri, and returns directly without checking. If the returned information is on the page, it will lead to cross-site scripting attack.
The same problem still exists in QueueService.java
The text was updated successfully, but these errors were encountered: