diff --git a/webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/xxe/SimpleXXE.java b/webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/xxe/SimpleXXE.java index fe5176351..c2e0cde96 100644 --- a/webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/xxe/SimpleXXE.java +++ b/webgoat-lessons/xxe/src/main/java/org/owasp/webgoat/xxe/SimpleXXE.java @@ -118,7 +118,7 @@ public class SimpleXXE extends AssignmentEndpoint { if (applySecurity == null) { request.getSession().setAttribute("applySecurity", "true"); } - return "xxe security will be applied"; + return "xxe security patch is now applied, you can try the previous challenges and see the effect!"; } } diff --git a/webgoat-lessons/xxe/src/main/resources/html/XXE.html b/webgoat-lessons/xxe/src/main/resources/html/XXE.html index 9c5dff2c3..20a232b39 100644 --- a/webgoat-lessons/xxe/src/main/resources/html/XXE.html +++ b/webgoat-lessons/xxe/src/main/resources/html/XXE.html @@ -1,6 +1,8 @@ - - +
+ +
+
@@ -218,8 +220,9 @@
- Apply XXE security patch +
+ Apply XXE security patch
- + \ No newline at end of file diff --git a/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_static_code_analysis.adoc b/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_static_code_analysis.adoc index f62bd476d..02edd5aba 100644 --- a/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_static_code_analysis.adoc +++ b/webgoat-lessons/xxe/src/main/resources/lessonPlans/en/XXE_static_code_analysis.adoc @@ -14,7 +14,7 @@ SonarQube also shows you what you could do to fix this. image::images/xxe-suggested-fix.png[XXE suggested fix] -If you click on the link below, you can try to do the XXE challenges again and you will notice that the vulnerabilities are mitigated. +If you click on the button below, you can try to do the XXE challenges again and you will notice that the vulnerabilities are mitigated.