[Security request] 用户名字处存在存储型XSS注入
Closed this issue · 1 comments
EastSunWong commented
用户修改名字
username<img src=1 onerror=alert(document.domain)>
返回首页
EastSunWong commented
version:
style.css?v=3.6.4-beta.1
仍然没有处理存储型XSS注入攻击。
Closed this issue · 1 comments
username<img src=1 onerror=alert(document.domain)>
version:
style.css?v=3.6.4-beta.1
仍然没有处理存储型XSS注入攻击。