Hacker News new | ask | show | jobs
by projectmeshnet 5130 days ago
XSS Vulnerable. USE AT YOUR OWN RISK
1 comments
tferris 5130 days ago
Please explain
link
projectmeshnet 5130 days ago
https://github.com/lakkadshah/SImple-Chat-Server/issues/1

<IMG """><SCRIPT>alert("XSS")</SCRIPT>">

link
sixcorners 5130 days ago
When you set your name you can include arbitrary HTML it seems.

It's hard to tell.. Not sure if I am just running javascript on my machine.. It's very laggy.

Edit: Looks like it is fixed now.

link