You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The first XSS vulnerablity
Question and answer module. In the Question supplement function, when inserting a link, fill in "> < SVG / onload = alert ('xss') > <! -- in the address item to form a stored XSS.This vulnerability can be triggered when any visitor views the issue
The second XSS vulnerablity
Stored XSS exists in the title item of online submission module, and the payload is as follows <script>alert (1)</script>
The specific location of the vulnerability is shown in the figure below,After the submission is approved by the admin user, the vulnerability will be triggered when the administrator opens the content management page.
The first XSS vulnerablity
Question and answer module. In the Question supplement function, when inserting a link, fill in "> < SVG / onload = alert ('xss') > <! -- in the address item to form a stored XSS.This vulnerability can be triggered when any visitor views the issue
The second XSS vulnerablity
Stored XSS exists in the title item of online submission module, and the payload is as follows <script>alert (1)</script>
The specific location of the vulnerability is shown in the figure below,After the submission is approved by the admin user, the vulnerability will be triggered when the administrator opens the content management page.