Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hi team,
I find XSS via modul post loop in Pages
Step:
add section in manage sections
add new post then choose options in modify page (a new post must be created for the setting to take effect)
In Post Loop inject javascript
save and view
The text was updated successfully, but these errors were encountered:
NWI settings for admins only (optional)
26b9c1a
Addresses issue #525 - new option to restrict access to NWI settings only to the administrators group, to which only trustworthy users should belong.
Commit 26b9c1a included in https://github.com/WBCE/WBCE_CMS/releases/tag/1.5.4
Sorry, something went wrong.
No branches or pull requests
Hi team,
I find XSS via modul post loop in Pages
Step:
add section in manage sections


add new post then choose options in modify page (a new post must be created for the setting to take effect)


In Post Loop inject javascript

save and view

The text was updated successfully, but these errors were encountered: