Hnto
commented
2 years ago @JeroenBoersma Thanks for your PR. I've merged it and will be releasing a new version in time.
Closed JeroenBoersma closed 2 years ago
Hnto
commented
2 years ago @JeroenBoersma Thanks for your PR. I've merged it and will be releasing a new version in time.
The Slider configuration contains the current url, which could be escaped adding a single quote
'.This way it was possible to add reflected XSS in the URL For obvious reasons I will not add the URL's used here.