Open Bingoyyj opened 1 year ago
I'm not a part of this project, but the info you're providing is very lacking in identifiers as well as any form of PoC to actually verify that this isn't just some local edit.
If you could provide site, package version (if applicable), ref links to PoCs, link to CVE, etc. it would help with public knowledge and awareness.
Add this to the python script.

    from html import escape
    [...]
    def clean_text(description):
        [...]
        return escape(description)
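
A fuller version of the suggested fix, showing the unescaped and escaped output side by side (added example, not the project's own code). The extraction regex, the whitespace step inside `clean_text`, `render_row` and the sample input are assumptions made for illustration; only `clean_text(description)` returning `escape(description)` comes from the comment above.

```python
import re
from html import escape

# Hypothetical pattern standing in for the script's regex matching of remote content.
DESC_RE = re.compile(r"Description:\s*(.+)")


def clean_text(description):
    """Collapse whitespace (assumed step), then HTML-escape the text."""
    description = re.sub(r"\s+", " ", description).strip()
    # quote=True is the default; it also escapes " and ', which matters
    # when the value is placed inside a quoted HTML attribute.
    return escape(description, quote=True)


def render_row(raw_page, sanitize=True):
    """Extract the description from fetched text and build an HTML table cell."""
    match = DESC_RE.search(raw_page)
    desc = match.group(1) if match else ""
    text = clean_text(desc) if sanitize else desc
    # The value lands in both an attribute and an element body.
    return f'<td title="{text}">{text}</td>'


# Constructed sample of remote, attacker-controlled content.
SAMPLE = 'Description: overflow in parser "><script>alert(1)</script>'

if __name__ == "__main__":
    print("unescaped:", render_row(SAMPLE, sanitize=False))
    print("escaped:  ", render_row(SAMPLE))
```

If `clean_text` runs when content is fetched rather than when it is rendered, descriptions stored before the change stay unescaped and need to be re-processed.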
Describe the bug
Stored XSS caused by remote malicious content.
To Reproduce
According to the rules of regular matching, remotely construct malicious vulnerability description content, insert XSS payload into it, such as: or payload that steals cookies.
Screenshots
Affected Version
Latest.