At https://www.html-js.cn/users/userContents
Pop up a web page window
Log in to the administrator demo account and go to the “This is test, please detele” edit. Click 'XSS' to pop up a web page
The text was updated successfully, but these errors were encountered:
After logging in to individual users, go to https://www.html-js.cn/users/userAddContent
Insert XSS payload in 摘要 and 详情, publish;

The POC request is:

At https://www.html-js.cn/users/userContents


Pop up a web page window
Log in to the administrator demo account and go to the “This is test, please detele” edit. Click 'XSS' to pop up a web page
The text was updated successfully, but these errors were encountered: