• Resolved MacLean

    (@macmacleanwcom)


    In any valid call to admin-ajax.php, replace the instance ID parameter with “%22%3E%3CiMg%20src%3dN%20onerror%3dprompt(0x000009)%3E” and you have the ability to run an arbitrary script on your page.

    Would love a patch to prevent this, if possible.


Viewing 1 replies (of 1 total)
  • The topic ‘Reflected XSS Vulnerability’ is closed to new replies.
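
The kind of fix the report asks for, as an added example that is not part of the original thread and not the plugin's own code: a request value reflected into an HTML attribute unescaped, beside a version that validates the value and escapes it on output. The function names, the markup and the allowed ID format are assumptions, since the thread does not show the plugin's handler.

```php
<?php
// Added example. Function names, markup and the ID format are hypothetical.

// Vulnerable pattern: the request value goes into an HTML attribute as-is,
// so a double quote in the value ends the attribute and starts new markup.
function render_vulnerable(string $instanceId): string {
    return '<div class="widget" data-instance="' . $instanceId . '"></div>';
}

// Hardened pattern: validate against the expected shape, then escape on output.
function render_hardened(string $instanceId): ?string {
    // Assumption: instance IDs are short tokens of letters, digits, - and _.
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $instanceId)) {
        return null; // caller answers with an error and reflects nothing
    }
    return '<div class="widget" data-instance="' . escape_attr($instanceId) . '"></div>';
}

// Escaping for attribute context. Inside WordPress, esc_attr() fills this role.
// Needed even after validation, so a later change to the allowlist cannot
// reopen the hole.
function escape_attr(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// The value quoted in the post, decoded the way PHP presents it in $_REQUEST.
$fromPost = rawurldecode('%22%3E%3CiMg%20src%3dN%20onerror%3dprompt(0x000009)%3E');

// 'widget-3' is a constructed sample of a legitimate ID.
foreach (['widget-3', $fromPost] as $value) {
    echo 'input:        ', $value, PHP_EOL;
    echo 'vulnerable:   ', render_vulnerable($value), PHP_EOL;
    echo 'hardened:     ', render_hardened($value) ?? '[rejected]', PHP_EOL;
    // Escaping alone, for fields that cannot be limited to an allowlist.
    echo 'escaped only: ', escape_attr($value), PHP_EOL, PHP_EOL;
}
```

Run with the PHP CLI, the vulnerable line for the second input contains a live `<iMg ...>` tag, the hardened call rejects it, and the escaped-only line shows the same bytes rendered inert as `&quot;&gt;&lt;iMg ...&gt;`.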