| Название | Htmly Authenticated Stored Cross-Site Scripting(XSS) |
|---|
| Описание | HTMLy is an open source Databaseless Blogging Platform or Flat-File Blog prioritizes simplicity and speed written in PHP. HTMLy can be referred to as Flat-File CMS either since it will also manage your content.You do not need to use a VPS to run HTMLy, shared hosting or even free hosting should work as long as the host supports at least PHP 5.3.Htmly CMS does not filter the content correctly at the "edit profile" module, resulting in the generation of stored XSS.Add payload at the title of edit profile module (click the Save), We can see the alert. |
|---|
| Источник | ⚠️ https://github.com/liaojia-99/project/tree/main/htmly |
|---|
| Пользователь | joinia (UID 24916) |
|---|
| Представление | 16.03.2022 07:31 (4 лет назад) |
|---|
| Модерация | 16.03.2022 07:34 (3 minutes later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 195203 [htmly 5.3 Edit Profile Название межсайтовый скриптинг] |
|---|
| Баллы | 20 |
|---|