Open z9fr opened 2 years ago
hi, you got a nice website. but while im just trying to send a message i noticed that the response is vulnerable to xss
you can trigger it via
<img src='#' onerror=alert(1) />
probably a easy fix would be just to encode the characters.
hi, you got a nice website. but while im just trying to send a message i noticed that the response is vulnerable to xss
you can trigger it via
probably a easy fix would be just to encode the characters.