This repository has been archived by the owner on Jan 27, 2023. It is now read-only.
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session.
You signed out in another tab or window. Reload to refresh your session.
Summary
The parameter export_files is not sanitized, so attackers can poison this parameter and then create a reflected XSS attack.
POC
https://i-librarian.net/demo/export.php?export_files="><script>alert(1)</script>Detail
The flaw exists since $get_post_export_files was assigned to a GET parameter without sanitizing
then, $get_pos_export_files was printed without escaping
The text was updated successfully, but these errors were encountered: