Multiple Stored XSS on version 9.0.30
noobpk opened this issue · 0 comments
noobpk commented
Hello. I found some xss vulnerabilities on your version 9.0.30
- Stored XSS in Settings on parameter welcome_message and trigger at dashboard
Image Poc:
Image XSS trigger:
- Stored XSS in Pages on parameter Body when using plugin Source Code
Image Poc:
Image XSS trigger
