You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@servicecomb.apache.org by GitBox <gi...@apache.org> on 2020/07/16 01:09:17 UTC

[GitHub] [servicecomb-pack] qufa opened a new issue #672: 扫描漏洞Agora.cgi

qufa opened a new issue #672:
URL: https://github.com/apache/servicecomb-pack/issues/672


   使用漏洞扫描工具对alpha-server扫描，出现该漏洞提示，是否可能是由于alpha-server的gui模块引入的呢？
   ![IMG_2659](https://user-images.githubusercontent.com/68358882/87614853-ca5c3c00-c743-11ea-857c-a76cbc579c01.jpg)
   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [servicecomb-pack] coolbeevip commented on issue #672: 扫描漏洞Agora.cgi

Posted by GitBox <gi...@apache.org>.

coolbeevip commented on issue #672:
URL: https://github.com/apache/servicecomb-pack/issues/672#issuecomment-664921299


   > 使用漏洞扫描工具对alpha-server扫描，出现该漏洞提示，是否可能是由于alpha-server的gui模块引入的呢？
   > ![IMG_2659](https://user-images.githubusercontent.com/68358882/87614853-ca5c3c00-c743-11ea-857c-a76cbc579c01.jpg)
   
   这可能是一个误报，需要提供 Agora.cgi 的详细错误信息，也许是跨站脚本问题


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [servicecomb-pack] coolbeevip commented on issue #672: 扫描漏洞Agora.cgi

Posted by GitBox <gi...@apache.org>.

coolbeevip commented on issue #672:
URL: https://github.com/apache/servicecomb-pack/issues/672#issuecomment-659096911


   有可能，你可以通过防火墙控制只允许某个IP才能访问 alpha ui


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [servicecomb-pack] WillemJiang commented on issue #672: 扫描漏洞Agora.cgi

Posted by GitBox <gi...@apache.org>.

WillemJiang commented on issue #672:
URL: https://github.com/apache/servicecomb-pack/issues/672#issuecomment-660775000


   Can we add some access control on the alpha-server side?


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [servicecomb-pack] WillemJiang edited a comment on issue #672: 扫描漏洞Agora.cgi

Posted by GitBox <gi...@apache.org>.

WillemJiang edited a comment on issue #672:
URL: https://github.com/apache/servicecomb-pack/issues/672#issuecomment-660775000


   Alpha UI 没有使用Agora.cgi， 不知道这个问题是怎么扫出来的？


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org