Closed RealFX-Code closed 8 months ago
I managed to execute JavaScript from a game client to the browser. This was incredibly easy to do and could be easily exploited from a malicious user.
https://github.com/JLyne/LiveAtlas/assets/25106569/1ccb6f31-6a48-4174-8fb2-49f535111efb
Oops, was under the impression dynmap escaped chat messages like it does with markers. Fixed.
I managed to execute JavaScript from a game client to the browser. This was incredibly easy to do and could be easily exploited from a malicious user.
https://github.com/JLyne/LiveAtlas/assets/25106569/1ccb6f31-6a48-4174-8fb2-49f535111efb