-
## First Steps
1. Confirm that your issue has not been posted previously by searching here: https://github.com/beefproject/beef/issues
2. Confirm that the wiki does not contain the answers you see…
-
### Checklist
- [X] I've looked at the [documentation](https://summernote.org/deep-dive/) to make sure the behavior isn't documented and expected.
- [X] I'm sure this is an issue with Summernote, not…
-
## What is missing or needs to be updated?
This sentence is correct but misleading:
> IMPORTANT: Remember that Cross-Site Scripting (XSS) can defeat all CSRF mitigation techniques!
It can…
-
**Describe the bug**
Stored XSS caused by remote malicious content.
**To Reproduce**
According to the rules of regular matching, remotely construct malicious vulnerability description content, in…
-
Hi @ozgrozer 👋
Great job on this. I've been working on something similar but found the choice to use iframe not very sensitive to security.
Any thoughts on how the current code could mitigate X…
-
Kali Linux
Running URO for xss-urls.txt file...
New file is ready for XSS tes…
-
In ***AttributeSetFilter***, multiple parameters are not ***XSS*** filtered
*cn.keking.web.filter.AttributeSetFilter#setWatermarkAttribute*
![image](https://user-images.githubusercontent.com/5064738…
S2eTo updated
3 months ago
-
🪄 TASK STATEMENT:
**Design and planning:**
* Identify the places in the application where user-supplied data is rendered on screen (including messages, comments, topic titles, etc.).
**Validati…
-
While working on #6487, I stumbled upon a few problems:
1. `theme_icon()` was not allowing the use of `` elements in SVGs (they were being stripped out), while it was for example allowing ``, ``, `` …