Authenticated Stored XSS in YesWiki
Authenticated Stored XSS in YesWiki wiki-href'upload', $this-wiki-GetPageTag, "file=$this-file" . '" class="btn btn-primary" ' . t'UPLOADFILE' . ' ' . $this-file . ''; The file name attribute is not properly sanitized when returned to the client, therefore allowing the execution of malicious...