When I click save button,the http request like this:
And the rowspage parameter was not XSS filtered resulting in storage XSS vulnerability
EXP is as follows:
The result of EXP is as follows:
The text was updated successfully, but these errors were encountered:
I have found a stored Cross Site Scripting vulnerability in http://127.0.0.1/admin/?/plugin/comment/settings
When I click save button,the http request like this:
And the rowspage parameter was not XSS filtered resulting in storage XSS vulnerability
EXP is as follows:
The result of EXP is as follows:
The text was updated successfully, but these errors were encountered: