There are two Stored-XSS Vulnerabilities in the backstage
We can make the Stored-XSS via edit the Projects or Main
poc:
fix:
Strictly verify user input, you must perform strict checks and html escape escaping on all input scripts, iframes, etc. The input here is not only the input interface that the user can directly interact with, but also the variables in the HTTP request in the HTTP request, the variables in the HTTP request header, and so on.
The text was updated successfully, but these errors were encountered:
There are two Stored-XSS Vulnerabilities in the backstage

We can make the Stored-XSS via edit the Projects or Main
poc:
fix:
Strictly verify user input, you must perform strict checks and html escape escaping on all input scripts, iframes, etc. The input here is not only the input interface that the user can directly interact with, but also the variables in the HTTP request in the HTTP request, the variables in the HTTP request header, and so on.
The text was updated successfully, but these errors were encountered: