Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: SQL注入加净化方法后,正常SQL注入漏洞也无法检出 #968

Open
3 tasks done
Ch35Tnut opened this issue Sep 16, 2022 · 1 comment
Open
3 tasks done

[Bug]: SQL注入加净化方法后,正常SQL注入漏洞也无法检出 #968

Ch35Tnut opened this issue Sep 16, 2022 · 1 comment
Labels
bug Something isn't working

Comments

@Ch35Tnut
Copy link

Preflight Checklist

  • I agree to follow the Code of Conduct that this project adheres to.
  • I have searched the issue tracker for an issue that matches the one I want to file, without success.
  • I am not looking for support or already pursued the available support channels without success.

Version

1.7.1

Installation Type

Other (specify below)

Service Name

DongTai-Web

Describe the details of the bug and the steps to reproduce it

web 配置自定义规则,添加过滤方法规则。规则类型选择SQL注入,添加新的过滤方法:aaa.bbb.ccc.D(java.lang.String), 导致原有的危险方法规则中SQL注入类型的所有方法都变成了过滤方法。

Additional Information

使用方可以针对每个漏洞规则,自定义过滤方法规则。

Logs

No response
@Ch35Tnut Ch35Tnut added the bug Something isn't working label Sep 16, 2022
@luzhongyang
Copy link
Collaborator

Unable to reproduce, Please Provide runnable demo code.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@luzhongyang @Ch35Tnut