nivcoo
commented
3 years ago I just looked at it is only visual there is the money that is taken
Closed wildmaster84 closed 3 years ago
nivcoo
commented
3 years ago I just looked at it is only visual there is the money that is taken
wildmaster84
commented
3 years ago Yes exactly, it should take 15.00 but takes 0.
nivcoo
commented
3 years ago No, it takes 15.00 if the item is 15.00
wildmaster84
commented
3 years ago No, it takes 15.00 if the item is 15.00
yes i know but the bug lets you get the item for free
nivcoo
commented
3 years ago I just tested with the bug, if I do the bug it displays 0 but it still takes the money from the item because the display is in javascript that's all
Using a json format such as
{\ngives 100% off on any shop item.The voucher discount system allows code injection.
To Reproduce | Pour reproduire le bug go to your /shop and for the voucher code use "{\n" and click purchase.
Steps to reproduce the behavior: | Étapes pour reproduire le bug :
Go to '/shop'
Click on 'Shop item'
Scroll down to 'text box below price'
Enter '{\n' and click purchase
Expected behavior | Ce qui aurait dû se passer
To return an error that says the code is invalid
Screenshots
MineWeb (please complete the following information):
OS: Ubuntu 20.04
Microsoft Edge Beta
Version : 1.13.0
Web server : Apache2
Path to logs (upload the content off /app/tmp/logs/error.log https://pastebin.com/AAkh44ZQ