concrete5: Stored XSS in Bio/Quote

2015-03-10T09:18:32
ID H1:50779
Type hackerone
Reporter ishahriyar
Modified 2015-07-08T18:37:26

Description

An XSS payload can be executed and saved permanently in the testimonial Bio/Quote. PoC code: "><img src=x onerror=alert(1)>