There is an XSS #822

D4rkD0g opened this Issue Oct 20, 2018 · 0 comments



D4rkD0g commented Oct 20, 2018

When I set the title in the "Blog Basic Setting", I found there is no sanitizer to filter malicious code, such as `"><script>alert("LambdaX")</script>`. If I click the "likes" button on the target's blog, when others open this blog, there is a pop-up window.
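
The missing output encoding described in the report, as an added example that is not part of the original issue or the project's code: a hypothetical template writes a blog title into a "like" notice, first unencoded and then HTML-encoded. The function names and the markup are assumptions.

```javascript
// Added example, not the project's code. Markup and names are hypothetical.

// Constructed sample input: the title value quoted in the report.
const reportedTitle = '"><script>alert("LambdaX")</script>';

// Vulnerable form: the stored title is concatenated into a quoted attribute
// and into element text as-is, so `">` closes the attribute and the tag and
// whatever follows is parsed as markup in every visitor's browser.
function renderLikeUnsafe(title) {
  return '<span class="liker" title="' + title + '">' + title + '</span>';
}

// Encode the characters that can change HTML structure. Sufficient for
// element text and for attribute values that are always quoted.
const HTML_ENTITIES = {
  '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;',
};
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Hardened form: encode at output time, at every place the title is written,
// so titles already stored in the database are covered too.
function renderLikeSafe(title) {
  const t = escapeHtml(title);
  return '<span class="liker" title="' + t + '">' + t + '</span>';
}

// Regression check for templates: count the tags a renderer emits. The notice
// should contain exactly one opening <span> and no other opening tag.
function openingTags(html) {
  return (html.match(/<[a-zA-Z][^>]*>/g) || []).map((tag) =>
    tag.slice(1).split(/[\s>]/)[0].toLowerCase());
}

console.log('unsafe:', openingTags(renderLikeUnsafe(reportedTitle)));
console.log('safe:  ', openingTags(renderLikeSafe(reportedTitle)));
```

Encoding on output complements, and does not replace, validating the title when it is saved in the settings form.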

