secDevLabs
[A3] - Injection XSS - Gossip World
This solution refers to which of the apps?
A3 - Gossip World
What did you do to mitigate the vulnerability?
I removed the | safe that allows the passage and execution of JavaScript code.
Did you test your changes? What commands did you run?
I tested the attacks given in the problem and could not reproduce the same errors.
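An added illustration of the change described in this PR, not code from the secDevLabs repository: it assumes the app renders Jinja2 templates with autoescaping enabled, and the template names, the `text` field and the sample input are constructed. It renders the same input with and without `| safe`, and includes a small check that flags templates still using the filter.

```python
# Added example; assumes Jinja2 with autoescaping (not the project's own code).
from jinja2 import Environment, DictLoader, nodes, select_autoescape

# Constructed templates: "before" marks the user field as safe, "after" does not.
TEMPLATES = {
    "before.html": '<p class="gossip">{{ text | safe }}</p>',
    "after.html": '<p class="gossip">{{ text }}</p>',
}

env = Environment(
    loader=DictLoader(TEMPLATES),
    autoescape=select_autoescape(["html"]),  # escape output in .html templates
)

# Constructed sample input standing in for user-submitted gossip text.
SAMPLE = "<script>alert(1)</script>"


def render(name, text):
    """Render one of the templates with user-controlled text."""
    return env.get_template(name).render(text=text)


def uses_safe_filter(name):
    """Return True if the template applies the `safe` filter anywhere."""
    source = env.loader.get_source(env, name)[0]
    tree = env.parse(source)
    return any(f.name == "safe" for f in tree.find_all(nodes.Filter))


if __name__ == "__main__":
    # With `| safe`, the markup reaches the page unescaped.
    print(render("before.html", SAMPLE))
    # Without it, autoescaping turns the markup into inert text.
    print(render("after.html", SAMPLE))
    # Regression check: list templates that still bypass autoescaping.
    for name in TEMPLATES:
        print(name, "uses | safe:", uses_safe_filter(name))
```
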