dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update interface name to exploit

Browse Source 
The name is
org.owasp.webgoat.lessons.vulnerablecomponents.Contact
not
org.owasp.webgoat.vulnerablecomponents.Contact
This commit is contained in:
Jesper Hallborg
2022-09-21 14:07:14 +02:00
committed by Àngel Ollé Blázquez
parent 34f5b79249
commit 96c2595ad0
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/resources/lessons/vulnerablecomponents/documentation/VulnerableComponents_content5a.adoc
View File

@ -13,6 +13,6 @@ WebGoat uses an XML document to add contacts to a contacts database.
</contact>
----
The java interface that you need for the exercise is: org.owasp.webgoat.vulnerablecomponents.Contact.
The java interface that you need for the exercise is: org.owasp.webgoat.lessons.vulnerablecomponents.Contact.
Start by sending the above contact to see what the normal response would be and then read the CVE vulnerability documentation (search the Internet) and try to trigger the vulnerability.
For this example, we will let you enter the XML directly versus intercepting the request and modifying the data. You provide the XML representation of a contact and WebGoat will convert it a Contact object using `XStream.fromXML(xml)`.