dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix link and typo

Browse Source 
The link pointed to the old OWASP website. Also fixed some typos here and there

Resolves: #1136
This commit is contained in:
Nanne Baars
2021-11-06 17:25:17 +01:00
committed by Nanne Baars
parent f2f7f36a6d
commit ab0433bb67
4 changed files with 9 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
webgoat-lessons/insecure-deserialization/src/main/resources/lessonPlans/en/InsecureDeserialization_SimpleExploit.adoc
View File

@ -12,7 +12,7 @@ AcmeObject acme = (AcmeObject)ois.readObject();
----
It is expecting an `AcmeObject` object, but it will execute `readObject()` before the casting ocurs.
If an attacker finds the proper class implementing dangerous operations in `readObject()`, he could serialize that object and force the vulnerable application to performe those actions.
If an attacker finds the proper class implementing dangerous operations in `readObject()`, he could serialize that object and force the vulnerable application to perform those actions.
=== Class included in ClassPath