mirror of
https://github.com/elicpeter/nyx.git
synced 2026-06-06 19:35:13 +02:00
8 lines
213 B
Ruby
8 lines
213 B
Ruby
# Baseline: tainted body flows through a non-parser string operation.
|
|
# No XML parser entry point, no XXE label classification.
|
|
require "sinatra"
|
|
|
|
get "/wrap" do
|
|
body = params[:xml]
|
|
"<wrap>#{body}</wrap>"
|
|
end
|