callmeaq issues

Repositories
Issues
Comments

Results 2 issues of


                                            callmeaq

A stored XSS vulnerability exists in the published article

1. In 'Article Publishing', write an XSS payload, and a pop-up window will appear directly due to the preview function. ![xsswriting](https://user-images.githubusercontent.com/90312940/233023602-e7c47be0-163e-420c-9b54-c7a7bbca7eac.png) 2. After publishing the article, come to the front...

There is a CSRF vulnerability in the personal settings

1. First, log in to the background, click Personal Settings. There is no captcha here and there is no requirement to verify the old password, try CSRF. ![personalsettings](https://user-images.githubusercontent.com/90312940/233003689-e21bbe9a-0c34-460e-a526-b03ddbf41142.png) 2. Then,...