Found XSS Bug On TITLE while scanning (Security Bug) #178

Closed
omemishra opened this issue Jul 29, 2020 · 7 comments · Fixed by #194
Labels
bug Something isn't working Security Security related issues top-priority

Comments

@omemishra

Hello Brother,

First of all, nice tool and well done,

I was looking into the application and I found that there is a security issue in your tool,

I mean, if a website title is `"><img/src=x onmouseover=alert(11)>` it will execute ...

Means there is XSS..

Take Care

@issue-label-bot

Issue-Label Bot is automatically applying the label bug to this issue, with a confidence of 0.87. Please mark this comment with 👍 or 👎 to give our bot feedback!

Links: app homepage, dashboard and code for this bot.

@issue-label-bot issue-label-bot bot added the bug Something isn't working label Jul 29, 2020
@omemishra
Author

Screenshot-20200730032901-1865x987

@yogeshojha yogeshojha added Security Security related issues top-priority labels Jul 30, 2020
@yogeshojha
Owner

Thank you so much for bringing this to the attention. This will be fixed.

@omemishra
Author

You are welcome brother .....

Tc

@yogeshojha
Owner

Thank you very much for reporting this!

https://github.com/yogeshojha/rengine/blob/master/.github/SECURITY.md

@yogeshojha
Owner

If you find any other instances of XSS, feel free to report them in a separate issue.

yogeshojha added a commit that referenced this issue Aug 1, 2020
@omemishra
Author

Thanks bro ....

Sure will do that....

Tc
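
The class of bug reported in this thread, as an added example that is not part of the original issue and is not reNgine's code or its actual fix: a scanned site's title is attacker-controlled input, and a results view that concatenates it into markup lets it become live HTML, while escaping at output keeps it as text. The row template, function names and URL are assumptions made for illustration; the title string is the one quoted in the report.

```python
import html
from html.parser import HTMLParser

# Title quoted in the report; the scanned site controls this value.
SCANNED_TITLE = '"><img/src=x onmouseover=alert(11)>'
SCANNED_URL = "https://example.test"  # constructed sample value


def render_row_unsafe(url, title):
    """Vulnerable pattern: untrusted title concatenated into markup."""
    return '<tr><td>%s</td><td title="%s">%s</td></tr>' % (url, title, title)


def render_row_safe(url, title):
    """Escape at output; quote=True also covers the attribute context."""
    u = html.escape(url, quote=True)
    t = html.escape(title, quote=True)
    return '<tr><td>%s</td><td title="%s">%s</td></tr>' % (u, t, t)


class _Inspector(HTMLParser):
    """Records on* event-handler attributes and the visible text."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.handlers = []
        self.text = []

    def handle_starttag(self, tag, attrs):
        for name, _value in attrs:
            if name.startswith("on"):
                self.handlers.append((tag, name))

    def handle_data(self, data):
        self.text.append(data)


def inspect(markup):
    """Return (event handlers found, visible text) for rendered markup."""
    parser = _Inspector()
    parser.feed(markup)
    parser.close()
    return parser.handlers, "".join(parser.text)


if __name__ == "__main__":
    for render in (render_row_unsafe, render_row_safe):
        found, text = inspect(render(SCANNED_URL, SCANNED_TITLE))
        print(render.__name__, "handlers:", found, "text:", repr(text))
```
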
