terrylinooo / githuber-md

Markdown editor plugin for WordPress.
GNU General Public License v3.0

There is a stored XSS vulnerability #316

Closed Sugobet closed 10 months ago

Sugobet commented 1 year ago

When I used this plugin to write MD articles, I encountered a stored XSS vulnerability.

Steps to reproduce the behavior:

  1. Enable WP Githuber MD v1.16.2 plugin

  2. Write new articles (via MD editor of this plugin)

  3. Insert the following JS code (note that I added tab spaces!):

  4. Publish articles


Additional context

(Note that I added tab spaces!) As an article, it should not treat the content of the article as JS code and let the client browser execute it, which is very dangerous and may lead to phishing.

Server environment
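The failure mode the report describes, author-supplied markup in a Markdown post reaching readers' browsers as live HTML, shown as an added illustration that is neither the plugin's code nor the reporter's payload (the issue does not show the payload). The toy converter below has two configurations: raw HTML blocks passed through verbatim, which is what makes a stored XSS possible, and raw HTML blocks escaped. A tab-indented line is rendered as an indented code block in both, following the CommonMark rule that a line starting with a tab or four spaces is code and must come out as escaped text; it is an assumption here that this rule is what the reporter's note about tab spaces refers to. `SAMPLE_POST` is constructed, and `contains_active_content` is a regression check added for the example, not a plugin feature.

```python
import html
import re

# Constructed sample post (not the reporter's payload, which the issue does not show).
# It mixes an ordinary paragraph, a raw HTML block, and a tab-indented line.
SAMPLE_POST = (
    "Hello *world*\n"
    "\n"
    "<img src=x onerror=alert(1)>\n"
    "\n"
    "\t<script>alert(document.cookie)</script>\n"
)

# A line indented by a tab or four spaces starts an indented code block.
_INDENT = re.compile(r"^(\t| {4})")

# Markup that would execute in a reader's browser: a <script> tag, an
# on* event-handler attribute inside a tag, or a javascript: URL inside a tag.
# The "inside a tag" constraint keeps escaped text such as
# "&lt;img onerror=..." from being flagged, because it is inert.
_ACTIVE = re.compile(
    r"<\s*script\b|<[^>]*\bon[a-z]+\s*=|<[^>]*javascript\s*:", re.IGNORECASE
)


def render_markdown(text: str, escape_raw_html: bool) -> str:
    """Toy Markdown-to-HTML converter covering three constructs only.

    * a block whose lines are all indented by a tab or four spaces is an
      indented code block and is always HTML-escaped (CommonMark semantics);
    * a block starting with '<' is raw HTML: passed through verbatim when
      escape_raw_html is False (the unsafe configuration), escaped otherwise;
    * anything else is a paragraph whose text is escaped.
    """
    out = []
    # Blocks are separated by one or more blank lines; strip only newlines so a
    # leading tab on the first line survives.
    for block in re.split(r"\n\n+", text.strip("\n")):
        lines = block.split("\n")
        if all(_INDENT.match(line) for line in lines):
            code = "\n".join(_INDENT.sub("", line, count=1) for line in lines)
            out.append("<pre><code>%s</code></pre>" % html.escape(code))
        elif block.startswith("<"):
            out.append(html.escape(block) if escape_raw_html else block)
        else:
            out.append("<p>%s</p>" % html.escape(block))
    return "\n".join(out)


def contains_active_content(rendered: str) -> bool:
    """Cheap regression check: does the rendered HTML contain markup that
    would run script in a reader's browser?"""
    return _ACTIVE.search(rendered) is not None


if __name__ == "__main__":
    for escape in (False, True):
        rendered = render_markdown(SAMPLE_POST, escape_raw_html=escape)
        print("escape_raw_html=%s active=%s" % (escape, contains_active_content(rendered)))
        print(rendered)
        print()
```

With passthrough enabled the `<img ... onerror=...>` block is emitted as a live tag and the check flags it; with escaping it is emitted as `&lt;img ...&gt;` text. The tab-indented `<script>` line is escaped inside `<pre><code>` in both configurations, which is the rendering an author writing Markdown expects for an indented block. A real renderer should go further and run the final HTML through an allow-list sanitizer (for WordPress, `wp_kses_post()` is the usual choice) rather than relying on escaping at the block level alone.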

github-actions[bot] commented 10 months ago

This issue is stale because it has been open 60 days with no activity. Remove the stale label or comment, or this will be closed in 2 days.

github-actions[bot] commented 10 months ago

This issue was closed because it has been inactive for 14 days since being marked as stale.