yii2-editable-widget icon indicating copy to clipboard operation
yii2-editable-widget copied to clipboard

Published 20 hours ago verified publisher icon 2amigos

The content of a textinput field is executable

Open albertborsos opened this issue 3 years ago • 0 comments

This line is pretty dangerous. Try to update a value to phpinfo in a textinput editable field, and refresh the page.

https://github.com/2amigos/yii2-editable-widget/blob/8de9559b20ed6a4af8a6cdd47bfa32b4f20c7bab/src/Editable.php#L105

albertborsos avatar Jan 06 '22 16:01 albertborsos