New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Spring Boot Actuator敏感信息泄露 #977

Open

lhhgh opened this issue Mar 6, 2024 · 3 comments

lhhgh commented Mar 6, 2024

pig版本：4.4.0
通过地址：http://124.70.102.185:8080/act/%61%63%74%75%61%74%6f%72 可以直接获取配置信息
请问：如何解决此漏洞

Author

lhhgh commented Mar 6, 2024

Sentinel和Monitor两个服务都没有启动

Collaborator

lltx commented Mar 6, 2024

Author

lhhgh commented Mar 26, 2024

这个配置一直加着的，还是有这个漏洞。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment