There is a XSS vulnerability in sms/src/main/java/pers/huangyuhui/sms/controller/StudentController.java.

Can execute arbitrary Javascript code.
![1](https://github.com/GoogTech/sms-ssm/assets/148185889/623e93d5-72a4-4bc7-bd2d-75e1da119261)
![2](https://github.com/GoogTech/sms-ssm/assets/148185889/e806fe67-4d16-48e3-8583-0bbccc6b7baa)
![3](https://github.com/GoogTech/sms-ssm/assets/148185889/b75d22f3-dc60-4c25-b46d-1f5ecf8fab34)
![4](https://github.com/GoogTech/sms-ssm/assets/148185889/e170f0a7-5691-47ee-b1fe-97239de0608b)
![5](https://github.com/GoogTech/sms-ssm/assets/148185889/7d8e8d1e-a2a4-41b7-8438-84d54ac40237)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

There is a XSS vulnerability in sms/src/main/java/pers/huangyuhui/sms/controller/StudentController.java. #25

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

There is a XSS vulnerability in sms/src/main/java/pers/huangyuhui/sms/controller/StudentController.java. #25

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions