XSS store in nickname paramerter when install

[Nguyen-Trung-Kien]

Hi team, when i install i will check xss in it and it so bad when i found xss store in this look that

and result

it's so bad, please fix it

[fuzegit]

We'll fix it of course, but who in their right mind would do that when installing their own site?

[Nguyen-Trung-Kien]

I thinks it bug in your project, and i don't know who inject xss payload :))

[fuzegit]

We'll fix it, thank you. But it's in the CMS installer, you understand that it's unrealistic to use this XSS.