XSS 漏洞:
我网站的安全报告显示了此漏洞:
Relflected XSS:
Request: GET http://example.com/page.php?q=< wslite > HTTP/1.1
此错误的含义是什么,
谢谢
A scurity report for my website show this vulnerability:
Relflected XSS:
Request: GET http://example.com/page.php?q=< wslite > HTTP/1.1
what is the meaning of this error, what is the meaning of <wslite>? and how can I solve this problem?
thanks
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
这意味着您网站的
?q部分存在 GET 漏洞。他们可以在那里植入代码。尝试使用?q=XSS访问您的网站,它应该会在页面中的某处显示 XSS(下划线)一词。这些可能非常危险。所以一定要确保你把它解决了。更新您正在使用的任何 CMS,或在 PHP 中使用htmlentities()以确保用户无法插入 HTML。It means there is a GET vulnerability within the
?qsection of your site. They can implant code there. Try visiting your site with?q=<u>XSS</u>, and it should bring up the word XSS (underlined) somewhere within the page. These can be very dangerous. So ensure you sort it out. Update whatever CMS you are using, or usehtmlentities()in PHP to ensure the user cannot insert HTML.