This lesson is intended to show the dangers of outdated software. However in version 1.4.7 the vulnerability is fixed! In 1.4.5 it is still present, so I suggest this downgrade. It is tested and works as intended, just as 1.4.7 does not.

2019-12-14 00:41:16 +01:00 · 2019-12-14 00:41:16 +01:00 · 4c45a1e68c
commit 4c45a1e68c
parent f79ad452d2
1 changed files with 1 additions and 2 deletions
--- a/webgoat-lessons/pom.xml
+++ b/webgoat-lessons/pom.xml
@ -90,11 +90,10 @@
            <artifactId>zxcvbn</artifactId>
            <version>1.2.5</version>
        </dependency>
-        <!-- Temporarily -->
        <dependency>
            <groupId>com.thoughtworks.xstream</groupId>
            <artifactId>xstream</artifactId>
-            <version>1.4.7</version>
+            <version>1.4.5</version>
        </dependency>
    </dependencies>
    <dependencyManagement>