enhanced-github icon indicating copy to clipboard operation
enhanced-github copied to clipboard
verified publisher icon softvar

Stored XSS Vulnerable

Open safe6Sec opened this issue 4 years ago • 1 comments

Use a browser that has installed extensions to access a GitHub repository containing malicious xss code in the file name, and you will be attacked by xss vulnerability。

as follows:
https://github.com/safe6Sec/xss

Vulnerability repair suggestions:
Filter keywords and characters: javascript " '

safe6Sec avatar May 21 '21 10:05 safe6Sec

safe6Sec avatar Jun 15 '21 05:06 safe6Sec