...
An attacker can enter a specially crafted argument in an attempt to inject malicious JavaScript. The following example string contains JavaScript code that can create a file, or overwrite an existing one, on a Windows system running the vulnerable Java code.
```
// Windows-based target's file path is being used
dummy\');
var bw = new JavaImporter(java.io.BufferedWriter);
var fw = new JavaImporter(java.io.FileWriter);
with(fw) with(bw) {
bwr = new BufferedWriter(new FileWriter(\"c://somepath//somefile.txt\"));
bwr.write("some text"); bwr.close();
}
// ;
```
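How an allowlist check stops a string of this shape, as an added example that is not part of the original page. The `print('...')` script template, the `\w{1,64}` pattern and the class and method names are assumptions, since the vulnerable code is not shown in this excerpt.

```java
import java.util.regex.Pattern;

public class ScriptArgCheck {
    // Allowlist: letters, digits and underscore only, bounded length.
    // The pattern and the length bound are assumptions for this example.
    private static final Pattern SAFE_ARG = Pattern.compile("\\w{1,64}");

    /** Hypothetical stand-in for how the vulnerable code builds its script. */
    static String buildScript(String arg) {
        return "print('" + arg + "')";
    }

    /** Returns the argument unchanged if it is safe to embed, otherwise throws. */
    static String requireSafe(String arg) {
        if (arg == null || !SAFE_ARG.matcher(arg).matches()) {
            throw new IllegalArgumentException("argument rejected by allowlist");
        }
        return arg;
    }

    public static void main(String[] args) {
        // Constructed samples: a benign value, and a value with the same shape as
        // the string above (close the quote and the call, append statements,
        // comment out the remainder). The appended statement is harmless.
        String[] samples = { "dummy", "dummy'); var injected = 1; // ;" };
        for (String s : samples) {
            // Shows how the argument changes the structure of the script text.
            System.out.println("unvalidated script: " + buildScript(s));
            try {
                System.out.println("  accepted: " + buildScript(requireSafe(s)));
            } catch (IllegalArgumentException e) {
                System.out.println("  rejected: " + e.getMessage());
            }
        }
    }
}
```

The check runs before the argument is concatenated into any script text, so the quote and parenthesis that end the string literal never reach the script engine.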
...