🚨 Potential Security Vulnerability
ranjit-git opened this issue · 3 comments
Hello, @kalcaddle - Five potential high-severity security vulnerabilities in your repository have been disclosed to huntr.
Visit the report URLs and validate them:
https://www.huntr.dev/bounties/12-kalcaddle/KodExplorer/
https://www.huntr.dev/bounties/13-kalcaddle/KodExplorer/
https://www.huntr.dev/bounties/14-kalcaddle/KodExplorer/
https://www.huntr.dev/bounties/15-kalcaddle/KodExplorer/
https://www.huntr.dev/bounties/16-kalcaddle/KodExplorer/
https://www.huntr.dev/bounties/17-kalcaddle/KodExplorer
The report is visible only to the repo maintainer and the reporter.
@ranjit-git and @kalcaddle, artTemplate escapes HTML content by default according to their documentation. So I don't see how these variables used in this template can cause an XSS.
@wadleo yes, XSS is executed there. Maybe they are missing an XSS check in a few endpoints. If you are the repo maintainer, then you can see the full report details with reproduction steps and a video PoC.
Thanks, we will fix it soon.