bradhurley
commented
9 years ago (Irony) This wiki happened to strip out the script tag that I tried to include in my example above.
Open bradhurley opened 9 years ago
bradhurley
commented
9 years ago (Irony) This wiki happened to strip out the script tag that I tried to include in my example above.
A PCI scan of my website identified injection attack issues with the Wiki module.
I did some testing and was able to execute some javascript code on a Wiki page in one of two ways:
1) By putting the script in the query string (i.e., wiki?topic=
2) By putting the script in a Wiki comment
Are there any plans to resolve these issues?