Add SSTI, stored XSS, and SSRF vulnerability modules with Kotlin support #7

Open
misonijnik wants to merge 1 commit into demo/base from demo/spring

@misonijnik

Introduce template injection patterns (FreeMarker/Thymeleaf), cross-endpoint stored XSS flows with column-level sensitivity, SSRF via coroutine-based URL fetch, and JPA persistence layer with H2. Update README to document all vulnerability patterns and the expanded tech stack.

model.put("campaignId", name);

StringWriter output = new StringWriter();
template.process(model, output);
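Review bot: in `model.put("campaignId", name)` the key and the variable disagree, so a reader cannot tell whether the template receives a campaign id or a free-text name; rename one of them. FreeMarker treats data-model values as data, so the flagged flow presumably enters through how `template` itself is built, which these lines do not show. If that is the intended SSTI sink, a short comment at the line that constructs `template` would make the expected finding clear.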

Check failure

Code scanning / OpenTaint

Unvalidated user data flows into template engine Error

Potential template injection: unvalidated user data flows into template engine
Context context = new Context();
context.setVariable("appName", "Demo Application");

return templateEngine.process(templateContent, context);
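Review bot: `templateEngine.process(templateContent, context)` hands `templateContent` to the engine as the template while the context carries only the constant `appName`, so any request data inside `templateContent` is treated as template input rather than as a value. Outside the intentionally vulnerable path, keep the template fixed and pass request data through `context.setVariable(...)` the way `appName` is passed; if this call is the intended sink, say so in a comment next to it.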

Check failure

Code scanning / OpenTaint

Unvalidated user data flows into template engine Error

Potential template injection: unvalidated user data flows into template engine
Comment on lines +57 to +59
return ResponseEntity.ok()
.contentType(MediaType.TEXT_HTML)
.body(content);
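Review bot: `.body(content)` is returned as `MediaType.TEXT_HTML` with no encoding step in the visible lines, which is what the scanner reports. If this endpoint is one of the deliberately vulnerable flows, mark it as such in a comment so it can be told apart from endpoints that are expected to scan clean; otherwise encode the value before writing it (Spring's `HtmlUtils.htmlEscape`) or return it as `text/plain`.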

Check failure

Code scanning / OpenTaint

Potential cross-site scripting (XSS) Error

Potential XSS: writing user input directly to a web page.
Comment on lines +96 to +98
return ResponseEntity.ok()
.contentType(MediaType.TEXT_HTML)
.body(title);

Check failure

Code scanning / OpenTaint

Potential cross-site scripting (XSS) Error

Potential XSS: writing user input directly to a web page.
Comment on lines +131 to +133
return ResponseEntity.ok()
.contentType(MediaType.TEXT_HTML)
.body(content);

Check failure

Code scanning / OpenTaint

Potential cross-site scripting (XSS) Error

Potential XSS: writing user input directly to a web page.

scope.launch {
try {
val connection = URI.create(url).toURL().openConnection()
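Review bot: `URI.create(url).toURL().openConnection()` creates the connection with no scheme or host check on `url` in the visible lines. If a non-vulnerable variant of this fetch is planned, parse the URI once, accept only `http`/`https` and an allowlisted host, and only then call `openConnection()`; if this is the intended SSRF sink, note that in a comment beside the call.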

Check failure

Code scanning / OpenTaint

Potential server-side request forgery (SSRF) Error

Potential SSRF: the web server receives a URL or similar request from an upstream component and retrieves the contents of this URL, but it does not sufficiently ensure that the request is being sent to the expected destination.