Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and
privacy statement. We’ll occasionally send you account related emails.
Already on GitHub?
to your account
Steps to reproduce:
Implementing input validation and/or ensuring output sanitization as done for all other inputs/outputs.
Low risk since high privileges are required.
The text was updated successfully, but these errors were encountered:
Also works for redirection hosts with XSS domain payloads. If a redirection host is deleted, XSS payload is executed.
Sorry, something went wrong.
Merge pull request #1951 from NginxProxyManager/test-html-encode
Fix #1950 attempt to encode hdomain values before render
Thanks for the pickup.
Fixed in develop branch and will be out with the next release.
No branches or pull requests