Security: script can be injected via custom html editor

apinf / platform

Apinf - Open source API management platform with multi proxy and protocol support

https://apinf.com/

European Union Public License 1.1

74 stars 35 forks source link

Open Nazarah opened 5 years ago

Nazarah commented 5 years ago

Reproduction Step:

Actual Result: On arrival, a popup appears where user can paste strings/scripts.