search

cwong-scw / action-playground

0 stars 2 forks source link

dfjadoifj ssrf iojdfoij #34

Open cwong-scw opened 3 years ago

cwong-scw commented 3 years ago

jiojibn

temp-scw-app[bot] commented 3 years ago

Micro-Learning Topic: SSRF (Detected by phrase)

What is this? (2min video)

Server-Side Request Forgery (SSRF) vulnerabilities are caused when an attacker can supply or modify a URL that reads or sends data to the server. The attacker can create a malicious request with a manipulated URL, when this request reaches the server, the server-side code executes the exploit URL causing the attacker to be able to read data from services that shouldn't be exposed.

Try this challenge in Secure Code Warrior

cwong-scw commented 3 years ago

idjfio jxss iojfgoi we

temp-scw-app[bot] commented 3 years ago

Micro-Learning Topic: XSS (Detected by phrase)

What is this? (2min video)

Reflected cross-site scripting vulnerabilities occur when unescaped input is displayed in the resulting page displayed to the user. When HTML or script is included in the input, it will be processed by a user's browser as HTML or script and can alter the appearance of the page or execute malicious scripts in their user context.

Try this challenge in Secure Code Warrior

temp-scw-app[bot] commented 3 years ago

Micro-Learning Topic: Improper Control of Generation of Code ('Code Injection') (CWE 94)

What is this? (2min video)

The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.

Try this challenge in Secure Code Warrior

cwong-scw commented 3 years ago

more ssrf