HTTP请求参数绑定到User所有属性

阿年

奇安信代码卫生检查 为中等级缺陷 不安全的框架绑定 只是部分检查截图：

缺陷7

爆发行:java/com/interesting/business/system/controller/SysAnnouncementController.java;81行

跟踪路径1:    1   e_zhiyou/interesting-business-center/interesting-business-center-system/src/main/java/com/interesting/business/system/controller/SysAnnouncementController.java;81行queryPageList

缺陷21

爆发行:java/com/interesting/business/system/controller/SysUserController.java;700行

跟踪路径1:    1   e_zhiyou/interesting-business-center/interesting-business-center-system/src/main/java/com/interesting/business/system/controller/SysUserController.java;700行queryByDepartId

缺陷22

爆发行:java/com/interesting/modules/demo/controller/TaskInfoController.java;155行

跟踪路径1:    1  e_zhiyou/interesting-business-center/interesting-business-center-ezhiyou/src/main/java/com/interesting/modules/demo/controller/TaskInfoController.java;155行exportXls

缺陷23

爆发行:java/com/interesting/business/system/controller/SysUserController.java;949行

跟踪路径1:    1   e_zhiyou/interesting-business-center/interesting-business-center-system/src/main/java/com/interesting/business/system/controller/SysUserController.java;949行querySysUser

缺陷24

爆发行:java/com/interesting/business/system/controller/ThirdLoginController.java;251行

跟踪路径1:    1  e_zhiyou/interesting-business-center/interesting-business-center-system/src/main/java/com/interesting/business/system/controller/ThirdLoginController.java;251行bindingThirdPhone

缺陷10

爆发行:java/com/interesting/business/system/controller/SysUserAgentController.java;71行

跟踪路径1:    1  e_zhiyou/interesting-business-center/interesting-business-center-system/src/main/java/com/interesting/business/system/controller/SysUserAgentController.java;71行queryPageList