a xss issue on home page.
ebadfd opened this issue · 0 comments
ebadfd commented
hi, you got a nice website. but while im just trying to send a message i noticed that the response is vulnerable to xss
you can trigger it via
<img src='#' onerror=alert(1) />probably a easy fix would be just to encode the characters.