Project

General

Profile

Actions
Copy link

Bug #78

open
JA

json sanitation bypassed

Bug #78: json sanitation bypassed

Added by Josip Almasi over 4 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Start date:
06/23/2021
Due date:
% Done:

0%

Estimated time:

Description

{"object":{"Client":0},"changes":{"properties":{"<img src=1 onerror =alert(1)>":"string","number":123.456}}}

gets distributed, possible XSS

No data to display

Actions
Copy link

Also available in: PDF Atom