Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

XSS vulnerability #1

Open
k4u5h4L opened this issue Sep 19, 2020 · 0 comments
Open

XSS vulnerability #1

k4u5h4L opened this issue Sep 19, 2020 · 0 comments
Labels
bug Something isn't working hacktoberfest

Comments

@k4u5h4L
Copy link
Member

k4u5h4L commented Sep 19, 2020

The contact --> feedback page has a XSS vulnerability which allows for any JS code filled in the message field to be executed.
This can be done easily by using <script> {some js code}</script> put in the message field of the feedback form.
@k4u5h4L k4u5h4L added hacktoberfest bug Something isn't working labels Sep 25, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working hacktoberfest
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@k4u5h4L