xheditor online editor leads to stored XSS - vulnerability warning

ID MYHACK58:62201235488
Type myhack58
Reporter Anonymous
Modified 2012-11-10T00:00:00


Brief description:

A related issue was posted earlier: http://tmxk.org/thread-411-1-1.html. This one is an XSS that appears when Source mode is restricted.

Detailed description:

First, test against the demo on the official website.




[Test example] the


[Description of case] Soufun, phpsoso, kingcms. http://tmxk.org/thread-676-1-1.html

Repair solutions:

Validate, encode, or filter the URLs carried in tags.
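
One way to apply this to editor output before it is stored or rendered, as an added example that is not xheditor's code or part of the original report. The function names, the allowed-scheme policy and the sample inputs are assumptions made for illustration.

```javascript
// Added example (not xheditor code): allow-list check for URL-bearing attributes.
const ALLOWED_SCHEMES = new Set(['http:', 'https:', 'mailto:']); // assumed policy
const NAMED = new Map([['colon', ':'], ['tab', '\t'], ['newline', '\n'],
  ['amp', '&'], ['quot', '"'], ['lt', '<'], ['gt', '>']]);

// Decode character references the way an attribute value is decoded, so an
// entity-encoded scheme is checked in the form the browser would finally see.
function decodeCharRefs(s) {
  return s.replace(/&(?:#x([0-9a-f]+);?|#(\d+);?|([a-z]+);)/gi, (m, hex, dec, name) => {
    if (name !== undefined) return NAMED.get(name.toLowerCase()) ?? m;
    const cp = hex !== undefined ? parseInt(hex, 16) : parseInt(dec, 10);
    return cp <= 0x10ffff ? String.fromCodePoint(cp) : '\ufffd';
  });
}

// Returns the canonical (decoded) URL if it is acceptable, otherwise null.
function safeUrl(raw) {
  const url = decodeCharRefs(String(raw))
    .replace(/[\t\r\n]/g, '')          // URL parsers drop these anywhere
    .replace(/^[\u0000-\u0020]+/, ''); // and ignore leading controls/spaces
  const scheme = /^[a-z][a-z0-9+.-]*:/i.exec(url);
  if (scheme) return ALLOWED_SCHEMES.has(scheme[0].toLowerCase()) ? url : null;
  // No well-formed scheme: accept only if no ':' precedes the first / ? #
  return /^[^/?#]*:/.test(url) ? null : url;
}

// Encode for a double- or single-quoted attribute value.
function escapeAttr(s) {
  return s.replace(/[&<>"']/g, (c) => `&#${c.charCodeAt(0)};`);
}

// Build ` name="value"` for href/src, or '' when the URL is rejected.
function urlAttr(name, raw) {
  const url = safeUrl(raw);
  return url === null ? '' : ` ${name}="${escapeAttr(url)}"`;
}

// Constructed sample inputs, as they might arrive from the editor.
for (const v of ['https://example.com/a?x=1&amp;y=2', '/thread-1.html',
  'javascript:alert(1)', 'JaVa&#x09;Script&colon;alert(1)', 'data:text/html,x']) {
  console.log(JSON.stringify(v), '=>', JSON.stringify(urlAttr('href', v)));
}
```

The check validates the decoded value and emits that same value re-encoded, so what is stored is exactly what was validated.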