Questions tagged [kiuwan]

For questions regarding programming in ECMAScript (JavaScript/JS) and its various dialects/implementations (excluding ActionScript). Note JavaScript is NOT the same as Java! Please include all relevant tags on your question; e.g., [node.js], [jquery], [json], [reactjs], [angular], [ember.js], [vue.js], [typescript], [svelte], etc.

0 votes
0 answers
36 views

crlf-vulnerability - How to handle the "Improper Neutralization of Input During Web Page Generation" vulnerability in Kiuwan

I am analyzing my code with Kiuwan, and in the controller class I get the following vulnerability:

Improper Neutralization of Input During Web Page Generation ("Cross-site Scripting")

ASVS-v4.0.2:5.3.3 CERT-J:IDS51-J CWE:79 CWEScope:Access-Control CWEScope:Availability CWEScope:Confidentiality CWEScope:Integrity CWETOP25:2021:2 essential OWASP:2021:A3 PCI-DSS:6.5.7 WASC:08

When I follow the propagation further, it points to HttpServletRequest, which is my method parameter:

HttpservletRequest parameter description

How do I remove this vulnerability?