We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Your example is not reproducible:
payload in "Blog Content"
FluxBB doesn't have "Blog Content"
Now go to the URL: https://127.0.0.1/fluxbb/post.php?action=post&fid=1 Put the payload in Content:
post.php on its form does not contain Content field
and the attacker can able to steal the cookie according to the crafted payload.
In FluxBB, user cookies are not accessible from javascript. The httponly flag is enabled by default. https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies
Or are you talking about admin functions (files admin_*.php)?
P.S. MioVisman/FluxBB_by_Visman#13
The text was updated successfully, but these errors were encountered:
A month has passed, but there is no confirmation of this vulnerability.
Sorry, something went wrong.
No branches or pull requests
Your example is not reproducible:
FluxBB doesn't have "Blog Content"
post.php on its form does not contain Content field
In FluxBB, user cookies are not accessible from javascript. The httponly flag is enabled by default.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Cookies#restrict_access_to_cookies
Or are you talking about admin functions (files admin_*.php)?
P.S. MioVisman/FluxBB_by_Visman#13
The text was updated successfully, but these errors were encountered: