Y
Hacker News
new
|
ask
|
show
|
jobs
by
eat_veggies
2976 days ago
This is vulnerable to super trivial stored XSS attacks. PoC:
https://www.managify.org/pd/notes/nr9Kh7fKaO9sdru%2FU1TA0uow...
It appears to accept and regurgitate whatever HTML you provide, including script tags!