Remember me

XSS vulnerability

1 year 2 days ago #1

  • Sabine Fessl-Hazar's Avatar
  • Sabine Fessl-Hazar
  • Posts: 1
Hello,

a white hat contacted me and informed me that there is XSS vulnerability in BaGallery.

This url to image when i click on it:
www.mydomain.xx/?nameofthegallery

Attacker can use it like that for getting a pop of XSS:
www.mydomain.xx/?nameofthegallery=1'"><img/src/onerror=.1|alert``>
Attachments:
Powered by Kunena Forum