veal98 / echo Goto Github PK

感觉流程图画得好好看，请问是使用的什么软件画的

Hello, I have found a security problems in your project.
you use spring security to identify users. However, when configuring the access path, because spring security's antMatcher is not used correctly, the attack can use the ambiguity of the server and spring in processing the path. Rely on the identity of ordinary users to call functions that should belong to the administrator.

The path of the vulnerable code： com/greate/community/config/SecurityConfig.java

attack method：login as a normal user without delete function. post /discuss/delete with discuss id and the serve will response "you have no privilege to request"". Then post /discuss/delete/ (append a slash) , this request will be successful and the discuss with the id will be deleted.

here is the proof:
post /discuss/delete

post /discuss/delete/

how to repair:

1. add extra path /delete/ path to spring security
2. deal with path together before spring security.

If the cache of Redis is cleared, then the data of like counts is gone.

org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'eventConsumer': Injection of autowired dependencies failed; nested exception is java.lang.IllegalArgumentException: Could not resolve placeholder 'wk.image.command' in value "${wk.image.command}"

具体错误信息：
tomcat的logs/catalina.2022-06-02.log日志中显示：
Could not resolve placeholder 'community.path.editormdUploadPath' in value "${community.path.editormdUploadPath}"
请问是什么原因造成的，如何解绝，谢谢