@Marblue Are students simply being told to go around to projects including TinyMCE and open issues like these?
It's by design, my friend. Think about the security context here: The user would already need administrator privileges to access this form. If they want to add some javascript, they should be able to.
Hello, I found that this cms may have some security problem



you can edit your html on http://localhost/nc-cms/nc-cms/index.php?action=edit_html&name=home_content
and you can Input any evil js you want
The text was updated successfully, but these errors were encountered: