Hi, I found a denial of service vulnerability in bigtreecms 4.2.18.
The POC is below:
Log in with Administrator and edit a page, then add a revision, input `<svg/onload=alert(333)>`
Then
And generate a wrong report, leak the source code, but you can’t save revision any more