WebGoat

Author	SHA1	Message	Date
François Capon	45c26d8aaf	Fix servers id (#1619 )	2023-10-22 15:25:52 +02:00
Àngel Ollé Blázquez	be30551850	fix: potential NPE in the stored XSS assignment	2023-08-27 14:31:35 +02:00
Àngel Ollé Blázquez	49862f6b90	fix: fixes the default change in trailing slash matching and address the affected assignments	2023-08-27 14:14:27 +02:00
Àngel Ollé Blázquez	4009785bb8	fix: crypto basics broken links	2023-08-27 13:16:08 +02:00
Àngel Ollé Blázquez	d8341c86a1	bug: fix hint that was breaking the template, causing hints from different assignments to mix (#1424 )	2023-08-27 02:08:52 +02:00
Àngel Ollé Blázquez	055578893d	feat: improve MFAC lesson hint texts for a better user experience (#1424 )	2023-08-27 02:08:52 +02:00
dependabot[bot]	b89ebd70ad	chore: bump webdrivermanager from 5.3.2 to 5.3.3 Bumps [webdrivermanager](https://github.com/bonigarcia/webdrivermanager) from 5.3.2 to 5.3.3. - [Release notes](https://github.com/bonigarcia/webdrivermanager/releases) - [Changelog](https://github.com/bonigarcia/webdrivermanager/blob/master/CHANGELOG.md) - [Commits](https://github.com/bonigarcia/webdrivermanager/compare/webdrivermanager-5.3.2...webdrivermanager-5.3.3) --- updated-dependencies: - dependency-name: io.github.bonigarcia:webdrivermanager dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-08-27 00:34:41 +02:00
Àngel Ollé Blázquez	7b81247dd1	fix: HijackSession lesson template deprecated Tymeleaf attribute	2023-08-26 02:57:50 +02:00
Àngel Ollé Blázquez	3bc2e57c9c	Fix NPE in IDOR lesson	2023-08-26 02:22:33 +02:00
Àngel Ollé Blázquez	c3ec168d59	Add new assignment IT tests	2023-08-26 01:30:17 +02:00
Àngel Ollé Blázquez	a67fbf5a5a	fix: XSS mitigation	2023-08-26 01:30:17 +02:00
Àngel Ollé Blázquez	3365c8d447	Remove wrong files	2023-08-25 22:50:40 +02:00
Àngel Ollé Blázquez	368c046779	fix: Stored Cross-Site Scripting Lesson	2023-08-25 20:55:26 +02:00
dependabot[bot]	8749137d1e	chore: bump org.webjars:jquery from 3.6.4 to 3.7.0 Bumps [org.webjars:jquery](https://github.com/webjars/jquery) from 3.6.4 to 3.7.0. - [Commits](https://github.com/webjars/jquery/compare/jquery-3.6.4...jquery-3.7.0) --- updated-dependencies: - dependency-name: org.webjars:jquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-08-25 00:31:04 +02:00
Àngel Ollé Blázquez	786cabd251	Make webjar dependencies version agnostic	2023-08-24 16:43:28 +02:00
dependabot[bot]	dda8b10f55	chore: bump org.jruby:jruby from 9.4.2.0 to 9.4.3.0 Bumps org.jruby:jruby from 9.4.2.0 to 9.4.3.0. --- updated-dependencies: - dependency-name: org.jruby:jruby dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-08-19 00:20:59 +02:00
dependabot[bot]	d6ca083529	chore: bump commons-io:commons-io from 2.11.0 to 2.13.0 Bumps commons-io:commons-io from 2.11.0 to 2.13.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-08-18 16:15:17 +02:00
test2user-aqil	7c92d625dd	doc: fix version strings Replace `2023.3` with `2023.4`	2023-08-16 15:59:23 +02:00
Àngel Ollé Blázquez	4ba818533c	fix: WebWolf JWT jquery webjar	2023-08-09 01:32:03 +02:00
Nanne Baars	a9b1fd66b8	feat: implement JWT jku example (#1552 ) Closes #1539	2023-08-08 17:18:22 +02:00
dependabot[bot]	8f6e47e6d4	chore: bump com.nulab-inc:zxcvbn from 1.7.0 to 1.8.0 (#1542 ) Bumps [com.nulab-inc:zxcvbn](https://github.com/nulab/zxcvbn4j) from 1.7.0 to 1.8.0. - [Release notes](https://github.com/nulab/zxcvbn4j/releases) - [Changelog](https://github.com/nulab/zxcvbn4j/blob/master/CHANGELOG.md) - [Commits](https://github.com/nulab/zxcvbn4j/compare/1.7.0...1.8.0) --- updated-dependencies: - dependency-name: com.nulab-inc:zxcvbn dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-08-04 16:34:49 +02:00
dependabot[bot]	61de52840f	chore: bump com.diffplug.spotless:spotless-maven-plugin from 2.33.0 to 2.38.0 (#1535 ) * chore: bump com.diffplug.spotless:spotless-maven-plugin Bumps [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) from 2.33.0 to 2.38.0. - [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md) - [Commits](https://github.com/diffplug/spotless/compare/lib/2.33.0...lib/2.38.0) --- updated-dependencies: - dependency-name: com.diffplug.spotless:spotless-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * chore: format code --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Nanne Baars <nanne.baars@owasp.org>	2023-07-30 15:10:31 +02:00
dependabot[bot]	fd3eb2451c	chore: bump guava from 31.1-jre to 32.1.1-jre (#1530 ) Bumps [guava](https://github.com/google/guava) from 31.1-jre to 32.1.1-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-07-29 12:35:06 +02:00
dependabot[bot]	32fa1ec0a6	chore: bump jquery from 3.5.1 to 3.6.4 (#1529 ) Bumps [jquery](https://github.com/webjars/jquery) from 3.5.1 to 3.6.4. - [Commits](https://github.com/webjars/jquery/compare/jquery-3.5.1...jquery-3.6.4) --- updated-dependencies: - dependency-name: org.webjars:jquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: René Zubcevic <rene@zubcevic.com>	2023-07-27 13:04:46 +02:00
Àngel Ollé Blázquez	ad00119b0d	Add Assignment7 Tests	2023-07-18 00:38:23 +02:00
Àngel Ollé Blázquez	25f49537e7	bug: Fix IDOR lesson	2023-07-16 17:14:27 +02:00
dependabot[bot]	8cb735e623	chore: bump joonvena/robotframework-reporter-action from 2.1 to 2.2 Bumps [joonvena/robotframework-reporter-action](https://github.com/joonvena/robotframework-reporter-action) from 2.1 to 2.2. - [Release notes](https://github.com/joonvena/robotframework-reporter-action/releases) - [Commits](https://github.com/joonvena/robotframework-reporter-action/compare/v2.1...v2.2) --- updated-dependencies: - dependency-name: joonvena/robotframework-reporter-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-07-16 16:01:06 +02:00
dependabot[bot]	155a40aab4	chore: bump docker/build-push-action from 4.1.0 to 4.1.1 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-07-16 15:55:22 +02:00
dependabot[bot]	6c4ddbbaad	chore: bump maven-surefire-plugin from 3.1.0 to 3.1.2 Bumps [maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.1.0 to 3.1.2. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.1.0...surefire-3.1.2) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-07-16 15:41:25 +02:00
dependabot[bot]	d704f69879	chore: bump commons-compress from 1.22 to 1.23.0 (#1514 ) Bumps commons-compress from 1.22 to 1.23.0. --- updated-dependencies: - dependency-name: org.apache.commons:commons-compress dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-07-15 09:28:40 +02:00
dependabot[bot]	3b2b613aa5	chore: bump asciidoctorj from 2.5.3 to 2.5.10 (#1498 ) Bumps [asciidoctorj](https://github.com/asciidoctor/asciidoctorj) from 2.5.3 to 2.5.10. - [Release notes](https://github.com/asciidoctor/asciidoctorj/releases) - [Changelog](https://github.com/asciidoctor/asciidoctorj/blob/v2.5.10/CHANGELOG.adoc) - [Commits](https://github.com/asciidoctor/asciidoctorj/compare/v2.5.3...v2.5.10) --- updated-dependencies: - dependency-name: org.asciidoctor:asciidoctorj dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-18 20:21:53 +02:00
Nanne Baars	934ba3e496	fix: remove steps from release script (#1509 ) Closes gh-1383	2023-06-18 20:13:38 +02:00
Àngel Ollé Blázquez	8ec718c1ef	format	2023-06-15 19:26:33 +02:00
Àngel Ollé Blázquez	1df7ca61a3	Text content improvement	2023-06-15 19:26:33 +02:00
Àngel Ollé Blázquez	75398feca0	Add hints	2023-06-15 19:26:33 +02:00
dependabot[bot]	76a2365abf	chore: bump docker/setup-qemu-action from 2.1.0 to 2.2.0 (#1503 ) Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-14 10:31:00 +02:00
dependabot[bot]	015216df5f	chore: bump docker/login-action from 2.1.0 to 2.2.0 (#1502 ) Bumps [docker/login-action](https://github.com/docker/login-action) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-13 17:06:35 +02:00
dependabot[bot]	60fc807d36	chore: bump docker/build-push-action from 4.0.0 to 4.1.0 (#1501 ) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4.0.0 to 4.1.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-13 10:50:53 +02:00
Nanne Baars	636a2bdaf5	fix: robotframework fails due to updated dependencies (#1508 )	2023-06-13 10:00:50 +02:00
dependabot[bot]	816a694c84	chore: bump maven-surefire-plugin from 3.0.0-M9 to 3.1.0 (#1499 ) Bumps [maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.0.0-M9 to 3.1.0. - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](https://github.com/apache/maven-surefire/compare/surefire-3.0.0-M9...surefire-3.1.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: René Zubcevic <rene@zubcevic.com>	2023-06-07 21:31:54 +02:00
dependabot[bot]	06a55ab278	chore: bump maven-checkstyle-plugin from 3.2.1 to 3.3.0 (#1496 ) Bumps [maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.2.1 to 3.3.0. - [Commits](https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-3.2.1...maven-checkstyle-plugin-3.3.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: René Zubcevic <rene@zubcevic.com>	2023-06-07 09:41:13 +02:00
dependabot[bot]	0136c1070f	chore: bump spring-boot-starter-parent from 3.0.5 to 3.1.0 (#1497 ) Bumps [spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) from 3.0.5 to 3.1.0. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v3.0.5...v3.1.0) --- updated-dependencies: - dependency-name: org.springframework.boot:spring-boot-starter-parent dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-06 16:21:11 +02:00
Nanne Baars	dce5eeb797	bug: fix Java image inside Docker file The image now downloads the correct Java version based on the architecture.	2023-06-04 14:56:46 +02:00
Nanne Baars	ca886b4818	feat: upgrade to Spring Boot version 3 (#1477 )	2023-06-04 11:19:47 +02:00
dependabot[bot]	ff3a2983e2	chore: bump zxcvbn from 1.5.2 to 1.7.0 (#1471 ) Bumps [zxcvbn](https://github.com/nulab/zxcvbn4j) from 1.5.2 to 1.7.0. - [Release notes](https://github.com/nulab/zxcvbn4j/releases) - [Changelog](https://github.com/nulab/zxcvbn4j/blob/master/CHANGELOG.md) - [Commits](https://github.com/nulab/zxcvbn4j/compare/1.5.2...1.7.0) --- updated-dependencies: - dependency-name: com.nulab-inc:zxcvbn dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: René Zubcevic <rene@zubcevic.com>	2023-06-02 16:21:17 +02:00
dependabot[bot]	6f0b88f9b6	chore: bump cglib-nodep from 2.2 to 3.3.0 (#1470 ) Bumps [cglib-nodep](https://github.com/cglib/cglib) from 2.2 to 3.3.0. - [Release notes](https://github.com/cglib/cglib/releases) - [Commits](https://github.com/cglib/cglib/commits) --- updated-dependencies: - dependency-name: cglib:cglib-nodep dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: René Zubcevic <rene@zubcevic.com>	2023-06-02 16:06:55 +02:00
dependabot[bot]	9d9fb092be	chore: bump maven-enforcer-plugin from 3.2.1 to 3.3.0 (#1468 ) Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.2.1 to 3.3.0. - [Release notes](https://github.com/apache/maven-enforcer/releases) - [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.2.1...enforcer-3.3.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-enforcer-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: René Zubcevic <rene@zubcevic.com>	2023-06-02 09:01:54 +02:00
dependabot[bot]	4bc53a6666	chore: bump maven-checkstyle-plugin from 3.1.2 to 3.2.1 (#1472 ) Bumps [maven-checkstyle-plugin](https://github.com/apache/maven-checkstyle-plugin) from 3.1.2 to 3.2.1. - [Release notes](https://github.com/apache/maven-checkstyle-plugin/releases) - [Commits](https://github.com/apache/maven-checkstyle-plugin/compare/maven-checkstyle-plugin-3.1.2...maven-checkstyle-plugin-3.2.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-checkstyle-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: René Zubcevic <rene@zubcevic.com>	2023-06-02 08:54:21 +02:00
dependabot[bot]	61d5fb9ece	chore: bump jsoup from 1.15.4 to 1.16.1 (#1484 ) Bumps [jsoup](https://github.com/jhy/jsoup) from 1.15.4 to 1.16.1. - [Release notes](https://github.com/jhy/jsoup/releases) - [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES) - [Commits](https://github.com/jhy/jsoup/compare/jsoup-1.15.4...jsoup-1.16.1) --- updated-dependencies: - dependency-name: org.jsoup:jsoup dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-02 08:43:43 +02:00
dependabot[bot]	6eafa45e4c	chore: bump jacoco-maven-plugin from 0.8.8 to 0.8.10 Bumps [jacoco-maven-plugin](https://github.com/jacoco/jacoco) from 0.8.8 to 0.8.10. - [Release notes](https://github.com/jacoco/jacoco/releases) - [Commits](https://github.com/jacoco/jacoco/compare/v0.8.8...v0.8.10) --- updated-dependencies: - dependency-name: org.jacoco:jacoco-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2023-05-01 23:48:16 +02:00

... 3 4 5 6 7 ...

3102 Commits