Closed enferas closed 1 year ago
Yes, this is a bug.
Can you check if this issue exists in the https://github.com/myvesta/vesta fork?
Proposed a fix: https://github.com/serghey-rodin/vesta/pull/2258
FWIW, VestaCP development has largely halted; notable maintained forks are https://github.com/hestiacp/hestiacp and https://github.com/myvesta/vesta
Thank you guys for the help
Hello,
I would like to report a possible XSS vulnerability.
In file https://github.com/serghey-rodin/vesta/blob/master/web/api/v1/upload/UploadHandler.php
the source in function post
function handle_file_upload
function generate_response
Finally, the sink in function body