Open fofofofoxier opened 5 years ago
The editor alerts a prompt if type in such content:"<img src=x onerror=prompt(/joker/);>"
"<img src=x onerror=prompt(/joker/);>"
BTW, the phenomenon of html inject is quite terrible, I tryed typing in html tags with on* properties, the js always runs
on*
The editor alerts a prompt if type in such content:
"<img src=x onerror=prompt(/joker/);>"