-
fwtf
Stored XSS in Chat
The value of content in /Messages/SendMessage is vulnerable to XSS attacks targeting single users of zapread via a msg.
Steps to reproduce:
Intercept a chat message wit…
-
See https://www.zapread.com/Post/Detail/4803#/
follow up on #118
-
https://www.zapread.com/user/1x
I recommend to use only white HTML tags
fervi updated
5 years ago
-
https://www.wykop.pl/wpis/42292955/napisalem-do-tworcy-zapread-by-w-miare-mozliwosci-/#comment-148702575
Source code
fervi updated
5 years ago
-
I suppose the bugged script blocks users (me too) from accessing the site to an IP address. You need to use TOR to use Zapread. Sometimes it's fixed, but it's not supposed to work ;)
fervi updated
5 years ago
-
[CodeFactor](https://www.codefactor.io/repository/github/horndev/zapread.com/overview/master) found an issue: The code must not contain multiple blank lines in a row.
It's currently on:
[zapread.com\…
-
An unusual error. I created group in zapread.com named linux-poland (http://zapread.com/Group/GroupDetail/38) and I have a moderator permission, but not have admin permission.
Similarly I created …
-
Zapread.com allows editing sended comments, but:
- the editing time should be visible so to let users know that it was editing.
- maybe can add history comment and post editing? Something like a …
-
After implement notification about comments and private messages it made a mess. Private messages are mixed with notification and users can not founded the needed information. We are should think abou…
-
When creating a long post, the text input window is a extended, but formatting panel is in one place at all time. This means that if you want to format a part of the text, you have to select it, scrol…