From be0c6adb8a2ef9eafdaa47e3b824f08bf6f55f52 Mon Sep 17 00:00:00 2001
From: Souradip Ghosh <souradip1212@gmail.com>
Date: Thu, 11 Sep 2025 11:45:44 +0530
Subject: [PATCH] feat: introduce vulnerable sample

---
 src/main/java/com/acme/DemoController.java | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/acme/DemoController.java b/src/main/java/com/acme/DemoController.java
index 455436d..2de8c87 100644
--- a/src/main/java/com/acme/DemoController.java
+++ b/src/main/java/com/acme/DemoController.java
@@ -1,2 +1,9 @@
-// safe baseline
-public class DemoController {}
+import org.springframework.web.bind.annotation.*;
+@RestController
+public class DemoController {
+  @GetMapping("/items")
+  public String items(@RequestParam String sort) throws Exception {
+    Class<?> clazz = Class.forName(sort);
+    return "ok";
+  }
+}