BaHeK1994
BaHeK1994
System information ``` $ npm -v 7.14.0 $ nodejs -v v14.17.0 $ yarn -v 1.22.5 $ node_modules/webpack-dev-server/bin/webpack-dev-server.js -v @webpack-cli/serve 1.4.0 webpack 5.37.1 webpack-cli 4.7.0 webpack-dev-server 4.0.0-beta.3 ``` Command `yarn encore...
1) Open form  2) Open browser console 3) CKEDITOR.instances[textareaId].destroy(true); 4) Paste XSS  5) Submit 
### Steps to reproduce 1. Set commands from api: `curl 'https://api.telegram.org/bot{TOKEN}/setMyCommands?commands=%5B%7B%22command%22%3A%22test%22%2C%22description%22%3A%22test%22%7D%5D&scope=%7B%22type%22%3A%22all_group_chats%22%7D'` 2. Add bot to group 3. Press / for show commands hint ### Expected behaviour Hints are rarely displayed,...
https://github.com/alliedmodders/amxmodx/blob/363871a860d4550d71299130a8409f7e32d754e3/plugins/admincmd.sma#L257 https://github.com/alliedmodders/amxmodx/blob/363871a860d4550d71299130a8409f7e32d754e3/plugins/admincmd.sma#L392 Not checked isCommandArgSafe. It is enough to add a point for the exploit
Telegram bot api don't have parameter **schedule_date**. This is very necessary to send messages to the channel from the bot, which can be edited before publication.
Errors are being observed in the console. During these errors, the response from curl is `Сurl error Symfony\Component\HttpClient\Exception\TimeoutException (Idle timeout reached for "http://127.0.0.1:8081/bot***/getChatMemberCount".)`. Sometimes it goes away by itself, but...