Skip to content

Stored XSS #1660

Closed
Closed
@delyura

Description

Hello, we found the stored xss.
Tested on latest version 0.9.20.
Poc:

  1. Write a DM to any user
    Screenshot_1
  2. Then read the incoming message and press "quote" to quote the message with payload. Press the button Response.
    Screenshot_2
  3. XSS execute
    Screenshot_3

Metadata

Assignees

Labels

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions