## Exploit
1. At `http://10.0.2.15/?page=feedback` there is a feedback form whose user-supplied content is stored and later rendered back to visitors without any filtering or output encoding.
2. Submit a feedback entry with any name and a message containing a script tag, for example `<script>alert(123)</script>`; the stored message is rendered as live HTML and the script runs in every visitor's browser.
## Fix
<https://owasp.org/www-project-web-security-testing-guide/stable/4-Web_Application_Security_Testing/07-Input_Validation_Testing/02-Testing_for_Stored_Cross_Site_Scripting>

Never render untrusted HTML, JS, CSS or URLs without encoding or sanitization appropriate to the output context (HTML body, attribute, URL, script).
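To make the fix concrete, here is an added example (not code from the original note or from the tested application) that renders the stored feedback entries the vulnerable way and the encoded way, and checks each result with an HTML parser to confirm whether a real `<script>` element reaches the document. The feedback entries and the `render_*` functions are constructed for illustration; the payload is the one from the exploit steps above.

```python
import html
from dataclasses import dataclass
from html.parser import HTMLParser


@dataclass
class Feedback:
    name: str
    message: str


# Constructed sample store: a benign entry plus the payload from the exploit steps.
FEEDBACK_STORE = [
    Feedback("alice", "Great site!"),
    Feedback("mallory", "<script>alert(123)</script>"),
]


def render_feedback_unsafe(entries):
    """Vulnerable pattern: untrusted text concatenated straight into HTML."""
    return "".join(f"<li><b>{e.name}</b>: {e.message}</li>" for e in entries)


def render_feedback_safe(entries):
    """Fixed pattern: HTML-entity-encode every untrusted value before it is
    placed in an element body. html.escape also encodes quotes, so the same
    call is safe inside quoted attribute values."""
    return "".join(
        f"<li><b>{html.escape(e.name)}</b>: {html.escape(e.message)}</li>"
        for e in entries
    )


class ScriptTagFinder(HTMLParser):
    """Counts <script> start tags the browser-side parser would actually see."""

    def __init__(self):
        super().__init__()
        self.script_tags = 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.script_tags += 1


def count_script_tags(fragment):
    """Return how many live <script> elements a rendered fragment contains.
    Encoded text such as &lt;script&gt; is data, not a tag, so it is not counted."""
    finder = ScriptTagFinder()
    finder.feed(fragment)
    finder.close()
    return finder.script_tags
```

Running `count_script_tags` over both renderings shows the unsafe version carries one executable script element while the encoded version carries none.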