Light Mode
Dark Mode
Forum XSS link: bug or feature?

click javascript:alert() , it will run foreign code in js.checkio.org context

Good news: " -> &quot so autorun XSS are blocked

Feature? What about context changing? Attacker can use some obfuscated-like code to hack newbie users
Bug? Let's fix it

  • bug
  • feedback
Created: July 12, 2018, 7:50 a.m.
Updated: July 12, 2018, 8:11 a.m.
2
1
User avatar
cyclopentan