WebGoat

Author	SHA1	Message	Date
dependabot[bot]	58e7e9d4ef	Bump actions/cache from 3.2.2 to 3.2.3 Bumps [actions/cache](https://github.com/actions/cache) from 3.2.2 to 3.2.3. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.2.2...v3.2.3) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-01-11 20:59:09 +01:00
Nanne Baars	c7a41d1b17	Merge branch 'release/v2023.3' into develop	2023-01-05 21:59:37 +01:00
Nanne Baars	edd9aa36c2	Merge branch 'release/v2023.3' v2023.3	2023-01-05 21:59:29 +01:00
Nanne Baars	27fe1850de	Preparing new release	2023-01-05 21:59:01 +01:00
Nanne Baars	5c2bbd1227	Fix jar path while creating a release	2023-01-05 21:57:08 +01:00
Nanne Baars	683b629663	Back to snapshot	2023-01-05 21:52:40 +01:00
Nanne Baars	04908a81e7	Add change log URL	2023-01-05 21:51:45 +01:00
Nanne Baars	701de68ef2	Merge branch 'release/v2023.2' into develop	2023-01-05 21:37:28 +01:00
Nanne Baars	81ed738493	Merge branch 'release/v2023.2' v2023.2	2023-01-05 21:37:21 +01:00
Nanne Baars	c03d153978	New release	2023-01-05 21:36:48 +01:00
Nanne Baars	6ab04db2ee	Merge branch 'release/v2023.1' into develop	2023-01-05 21:06:36 +01:00
Nanne Baars	a108a937b5	Merge branch 'release/v2023.1' v2023.1	2023-01-05 21:06:22 +01:00
Nanne Baars	6d5ea57606	New release	2023-01-05 21:02:26 +01:00
Nanne Baars	79fd88eeb6	Use Java 17	2023-01-05 21:00:43 +01:00
Nanne Baars	64b10c1a59	Merge branch 'release/v2023.0' into develop	2023-01-05 20:52:02 +01:00
Nanne Baars	6398d31c14	Merge branch 'release/v2023.0' v2023.0	2023-01-05 20:51:53 +01:00
Nanne Baars	716a7dd9ea	Preparing release 2023.0	2023-01-05 20:51:34 +01:00
Nanne Baars	323daae578	Vulnerable components only work in a Docker container	2023-01-05 20:51:15 +01:00
Nanne Baars	bdbf66c8e1	Merge branch 'release/v2023.1' into develop	2023-01-05 20:38:54 +01:00
Nanne Baars	174a59c35a	Preparing release 2023.1	2023-01-05 20:38:20 +01:00
Nanne Baars	a08e515f6d	Merge branch 'release/v2023.0' into develop	2023-01-05 20:35:02 +01:00
Nanne Baars	f766edcfcb	Preparing release 2023.0	2023-01-05 20:31:24 +01:00
Nanne Baars	3901814363	Fix documentation link for XXE mitigation.	2023-01-05 19:00:12 +01:00
Nanne Baars	59bfd7c6d4	Move XXE to A05 - Security Misconfiguration	2023-01-05 19:00:12 +01:00
Nanne Baars	11776e1d6a	Remove explicit goal for code formatting `mvn verify` already checks formatting, having a separate step is not necessary. We now also check Markdown files for correct formatting.	2023-01-05 18:18:52 +01:00
Nanne Baars	7664625afa	Add documentation about reusing the container. The documentation now contains a description to reuse the initially create container. This way the user can start where they left off. The documentation only described creating a new container each and every time leaving users to create a new login each and every time. Add documentation about reusing the container. The documentation now contains a description to reuse the initially create container. This way the user can start where they left off. The documentation only described creating a new container each and every time leaving users to create a new login each and every time.	2023-01-05 18:18:52 +01:00
Nanne Baars	dca415099f	Remove unused JavaScript function	2023-01-05 11:33:00 +01:00
Nanne Baars	54e115aff0	Update the solution with WebWolf URLs The new solution uses WebWolf paths as these will change automatically when a user start WebGoat on a different port. It no longer depends on the hardcoded port `8080`.	2023-01-05 11:02:45 +01:00
Nanne Baars	fcaa2d8589	Fix zip slip lesson. The lesson did not work properly as the directory is reused across several path traversal lessons. First thing before uploading the zip file we now clean the directory. The html had a reference to a location of the profile picture, this was part of a hint but this only causes confusion as this is not indicating to where you need to upload the picture with the Zip Slip vulnerability. The assignment now contains a direct hint as where the image needs to be saved. The assignment is about creating a vulnerable zip file and NOT about guessing where the image should be saved inside WebGoat.	2023-01-05 11:02:45 +01:00
Nanne Baars	9666597164	- Add reference to the WebWolf icon in the top right corner. - Format all text of the lesson	2023-01-04 08:07:51 +01:00
Nanne Baars	d2a1546dff	Apply formatting This will make sure we have a consistent style across our project and the PRs are only concerned with actual changes and no longer about style.	2023-01-04 08:07:23 +01:00
Nanne Baars	b03777d39b	Support `boolean` when parsing the token. When the admin json element passes as a `boolean`: ``` { "admin": true } ``` the parsing is now successful.	2023-01-04 07:43:18 +01:00
Nanne Baars	32468ff90b	Add sql lesson (#1370 )	2023-01-04 07:42:29 +01:00
dependabot[bot]	614235d913	Bump actions/cache from 3.2.1 to 3.2.2 (#1369 ) Bumps [actions/cache](https://github.com/actions/cache) from 3.2.1 to 3.2.2. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.2.1...v3.2.2) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-12-31 16:28:31 +01:00
dependabot[bot]	9abf4ef2ea	Bump actions/cache from 3.0.11 to 3.2.1 (#1368 ) Bumps [actions/cache](https://github.com/actions/cache) from 3.0.11 to 3.2.1. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.0.11...v3.2.1) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-12-27 18:00:54 +01:00
aswins2108@gmail.com	6a18ee80be	Added info about login in the ReadMe file	2022-12-06 14:07:05 +01:00
Adam Szatyin	71ec36102f	Fix typo	2022-12-01 21:34:19 +01:00
András Veres-Szentkirályi	8db9ff30be	Fixed incorrect word while "wear" and "were" have similar pronunciation, one of them is better here than the other :)	2022-11-29 18:55:44 +01:00
András Veres-Szentkirályi	b51be74cab	typofix	2022-11-28 17:10:14 +01:00
dependabot[bot]	d4e3c9b91c	Bump actions/cache from 3.0.10 to 3.0.11 Bumps [actions/cache](https://github.com/actions/cache) from 3.0.10 to 3.0.11. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.0.10...v3.0.11) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-10-23 10:06:24 +02:00
dependabot[bot]	87358d4238	Bump docker/setup-qemu-action from 2.0.0 to 2.1.0 Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-10-23 10:06:13 +02:00
dependabot[bot]	3bc5309a1c	Bump docker/build-push-action from 3.1.1 to 3.2.0 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.1.1 to 3.2.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3.1.1...v3.2.0) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-10-23 10:05:56 +02:00
dependabot[bot]	8ec69d0a41	Bump docker/login-action from 2.0.0 to 2.1.0 Bumps [docker/login-action](https://github.com/docker/login-action) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v2.0.0...v2.1.0) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-10-23 10:05:44 +02:00
dependabot[bot]	1f567749bd	Bump actions/first-interaction from 1.1.0 to 1.1.1 Bumps [actions/first-interaction](https://github.com/actions/first-interaction) from 1.1.0 to 1.1.1. - [Release notes](https://github.com/actions/first-interaction/releases) - [Commits](https://github.com/actions/first-interaction/compare/v1.1.0...v1.1.1) --- updated-dependencies: - dependency-name: actions/first-interaction dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-10-23 10:05:32 +02:00
dependabot[bot]	ea892dbcb2	Bump actions/cache from 3.0.8 to 3.0.10 (#1342 ) Bumps [actions/cache](https://github.com/actions/cache) from 3.0.8 to 3.0.10. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.0.8...v3.0.10) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-05 11:24:44 +02:00
Jesper Hallborg	96c2595ad0	Update interface name to exploit The name is org.owasp.webgoat.lessons.vulnerablecomponents.Contact not org.owasp.webgoat.vulnerablecomponents.Contact	2022-09-21 22:32:16 +02:00
René Zubcevic	34f5b79249	isReadable works inside a container, isFile not (#1334 )	2022-09-12 09:02:07 +02:00
Thanh Tran	f5e4d4717a	FixTypo - Fix typo in various lesson documentations	2022-08-30 22:21:22 +02:00
dependabot[bot]	de3c2c8d85	Bump actions/cache from 3.0.6 to 3.0.8 Bumps [actions/cache](https://github.com/actions/cache) from 3.0.6 to 3.0.8. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3.0.6...v3.0.8) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-08-27 16:44:51 +02:00
dependabot[bot]	975cbf5769	Bump docker/build-push-action from 3.1.0 to 3.1.1 (#1321 ) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.1.0 to 3.1.1. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v3.1.0...v3.1.1) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-08 20:06:48 +02:00

... 2 3 4 5 6 ...

2955 Commits