UnickSoft/graphonline

Reflected XSS

Closed this issue · 2 comments

Hi, I found a reflected XSS on https://graphonline.ru/en/create_graph_by_matrix and https://graphonline.ru/en/create_graph_by_incidence_matrix, just by entering `<script>alert(document.domain)</script>` in any of the fields of the matrix. It can be fixed by checking that the user has entered a valid integer and not allowing special chars.
By the way, congratulations on this awesome tool!

Thanks.

Fixed
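
The mitigation suggested in the report (accept only valid integers in matrix fields), together with escaping of any rejected value before it is shown back to the user, as an added example that is not graphonline's code or its actual fix. The function names, the input shape (rows of strings) and the 9-digit limit are assumptions.

```javascript
// Added example, not project code. Assumes the matrix arrives as rows of strings.
const INT_CELL = /^-?\d{1,9}$/; // optional sign, 1-9 digits, nothing else

// Encode the characters that are significant in HTML text and attribute contexts.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Validate every cell; return parsed integers and HTML-safe error messages.
function parseMatrix(rows) {
  const matrix = [];
  const errors = [];
  rows.forEach((row, r) => {
    const out = [];
    row.forEach((cell, c) => {
      const text = String(cell).trim();
      if (INT_CELL.test(text)) {
        out.push(parseInt(text, 10));
      } else {
        // Never echo the raw value: truncate it, then escape it.
        const shown = escapeHtml(text.slice(0, 40));
        errors.push(`Row ${r + 1}, column ${c + 1}: "${shown}" is not an integer`);
        out.push(null);
      }
    });
    matrix.push(out);
  });
  // Reject ragged input so later code can rely on a rectangular matrix.
  const width = matrix.length ? matrix[0].length : 0;
  if (!matrix.every((row) => row.length === width)) {
    errors.push("All rows must have the same number of columns");
  }
  return { ok: errors.length === 0, matrix, errors };
}

// Constructed sample: one cell carries the string from the report.
const sample = [["0", "1"], ["<script>alert(document.domain)</script>", "0"]];
const result = parseMatrix(sample);
console.log(result.ok, result.errors);
```

Validation in the browser alone does not address a reflected value; the same check and the escaping have to run wherever the server builds the response.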