This repository has been archived by the owner on May 27, 2021. It is now read-only.

Cross-Site Scripting: Reflected #13

Open

QiAnXinCodeSafe opened this issue Jun 9, 2020 · 0 comments

QiAnXinCodeSafe commented Jun 9, 2020

PodcastDownloader/podcasts_manager.py

Line 154 in 17b2930

podname = request.args.get('podname')

PodcastDownloader/podcasts_manager.py

Line 249 in 17b2930

print(query)

Sending unvalidated data to a web browser can result in the browser executing malicious code.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.