Osclass Support Forums
Unread
New Replies
Osclass Market
Download Osclass
Documentation
Home
Help
Search
Login
Register
XSS vulnerability
Osclass Support Forums
Osclass plugin support
User Rating Plugin
XSS vulnerability
Match all words
Match any words
Most relevant results first
Largest topics first
Smallest topics first
Most recent topics first
Oldest topics first
Advanced
Show unread posts since last visit
Show new replies to your posts
Print
Pages: [
1
]
Tango
214 posts
XSS vulnerability
«
on:
September 25, 2021, 02:31:09 AM »
Please note that the plugin doesn't sanitize the input field, leading to a XSS vulnerability right in the admin, as you can see in the attached screenshot.
Code:
[Select]
http://" onclick="alert(1)"
Plugin version: 2.0.0
Logged
Marked as best answer by
frosticek
on October 25, 2021, 10:43:23 AM
MB Themes
Support team
16978 posts
Only quality matters
Download Osclass
Re: XSS vulnerability
«
Reply #1 on:
September 27, 2021, 02:49:03 PM »
@Tango
Thank you, will be fixed in next update.
Logged
To get fast support, we need following details:
Detail description, URL to reproduce problem, Screenshots
Print
Pages: [
1
]