dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: potential NPE in the stored XSS assignment

Browse Source
This commit is contained in:
Àngel Ollé Blázquez
2023-08-27 14:23:34 +02:00
parent 49862f6b90
commit be30551850
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/org/owasp/webgoat/lessons/xss/stored/StoredCrossSiteScriptingVerifier.java
View File

@ -39,7 +39,7 @@ public class StoredCrossSiteScriptingVerifier extends AssignmentEndpoint {
public AttackResult completed(@RequestParam String successMessage) {
UserSessionData userSessionData = getUserSessionData();
if (successMessage.equals(userSessionData.getValue("randValue").toString())) {
if (successMessage.equals(userSessionData.getValue("randValue"))) {
return success(this).feedback("xss-stored-callback-success").build();
} else {
return failed(this).feedback("xss-stored-callback-failure").build();