-
# Summary
> FastAdmin is a lightweight and efficient management background framework based on ThinkPHP. It is widely used for its simplicity and powerful features.
FastAdmin 1.5.0.20240328, a v…
-
XSS Vulerability detected:
I tried using Inject an XSS query in simple MDE, By creating a link as following.
`[XSS](javascript:alert%28sessionStorage.clear%28%29%29)`
and it works as following:
…
-
# Summary
A Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the SeaCms V12.9.
Multiple reflective XSS vulnerabilities were discovered in `\js\player\dmplayer\play\index.ph…
-
Hello,
I would like to report for XSS vulnerability.
In file https://github.com/cobub/razor/blob/2c991aff4a9c83f99e77a03e26056715706f15c0/web/application/controllers/manage/product.php
```php…
-
### Hi! I've found an XSS vulnerability on your site.
XSS occurs when I type payloads in the "terminal"
For example, try this payloads for alert:
`@keyframes x{}`
``
``
Or this one for DoS…
-
Logtrail does not escape HTML characters, so it's possible for a malicious user to execute Cross-Site Scripting attacks by having script tags output in the logs in some way. Specifically, this is trou…
-
Example: https://tools.wmflabs.org/supercount/index.php?user=%22%3E%3Cmarquee%3EXSS%3C/marquee%3E%3Cscript%3Ealert%28%27XSS%27%29%3B%3C%2Fscript%3E&project=&toplimit=10
-
```
The description is senssible to Cross Site Scripting.
example: put this in the description:
alert(document.cookie)
Fix this:
description = $('').text(description).html();
```
Original issue re…
-
In ` :30`, there is unclosed ` `, which can lead to XSS attack.
```
```
-
```
Running asmSelect against this option will trigger the alert despite the
escaped text.
<script>alert('xss')</script>
Patch file is attached.
```
Original issue reported on code.…