Closed lankybox02 closed 2 years ago
adminLoadPost({"author": "<img src='' onerror='alert(1)' />", "content": btoa("e")})
You can inject absolutely any script using one line of code.
fixed 1.7
You can inject absolutely any script using one line of code.