We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hi, I would like to report Cross Site Scripting(XSS) vulnerability in latest release(3.4.0a) admin/edit.php.
Description: Cross-site scripting (XSS) vulnerability in edit.php url: http://localhost/admin/edit.php
You can Edit html source code in rich text editor,and execute JavaScript code.
payload: <img src=x onerror=alert(1)> <--xss test
<img src=x onerror=alert(1)> <--xss test
And visit index page.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Hi, I would like to report Cross Site Scripting(XSS) vulnerability in latest release(3.4.0a) admin/edit.php.
Description:
Cross-site scripting (XSS) vulnerability in edit.php
url:
http://localhost/admin/edit.php
You can Edit html source code in rich text editor,and execute JavaScript code.
payload:
<img src=x onerror=alert(1)> <--xss test
And visit index page.
The text was updated successfully, but these errors were encountered: