XSS
-
This plugin got an xss reflected at this url :
/wp-admin/options-general.php?page=pbpNewsticker&action=edit&ticker_id=999%27%22%3Cscript%3Ealert%281%29%3C%2Fscript%3EThere is also stored xss on the saved newstickers.
plz modify the plugin to escape js/html.
regards.
- The topic ‘XSS’ is closed to new replies.
