search

travist / jsencrypt

A zero-dependency Javascript library to perform OpenSSL RSA Encryption, Decryption, and Key Generation.
http://www.travistidwell.com/jsencrypt
Other
6.61k stars 2.02k forks source link

Penetration testing tools scan for vulnerabilities #185

Open FatherOfAaron opened 3 years ago

FatherOfAaron commented 3 years ago

Reference:http://www.cvedetails.com/cve/CVE-2012-5883/

CreatorEdition commented 1 year ago

这个不是基于前端类库的安全问题,jsencrypt只是一个前端类库,XSS 是需要后端验证的,建议安装 WAF 以及在后端进行相关验证