flatpressblog / flatpress

FlatPress is a lightweight, easy-to-set-up flat-file blogging engine.
https://flatpress.org
GNU General Public License v2.0

Possible XSS in config panel #187

Closed azett closed 1 year ago

azett commented 1 year ago

Config panel in Admin Area allows for possible XSS due to insufficient input sanitation. (Details follow.)

azett commented 1 year ago

Fixed with 0ee4f2e8a7b9276880b56858e408cc9c6643cc3b