This repository has been archived by the owner on Jan 10, 2019. It is now read-only.
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.
You signed out in another tab or window. Reload to refresh your session.
Steps to Reproduce
1、Login the backstage
http://127.0.0.1/DiliCMS-develop-3.x/admin/index.php
2、Go to System setting->site setting

3、add the following payload to the fourth textbox

1"<script>alert(123)</script>
4、Save and see the announcement we just posted

And then Stored-XSS triggered ...
The text was updated successfully, but these errors were encountered: