Open ghost opened 5 years ago
At this moment almost all controllers are using an ancient concept of storing HTML tags in database with no validation whatsoever
A few ways (there is may be a lot more) to inject anything including Githubissues.
At this moment almost all controllers are using an ancient concept of storing HTML tags in database with no validation whatsoever
A few ways (there is may be a lot more) to inject anything including Githubissues.