You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
the xss is on the page 'admin/pages/new',add a text new page, fill the <img src=1 onerror=alert(1)> in the 'Navigation Title* (this is displayed on navigation menus)' field
The text was updated successfully, but these errors were encountered:
I was sure all the inputs were sanitising data but appears not. I suppose at this point an attacker would already have access to your admin dashboard so the site would already be compromised.
the xss is on the page 'admin/pages/new',add a text new page, fill the
<img src=1 onerror=alert(1)>
in the 'Navigation Title* (this is displayed on navigation menus)' fieldThe text was updated successfully, but these errors were encountered: