server icon indicating copy to clipboard operation
server copied to clipboard
verified publisher icon hashtopolis

[BUG]: Possible CSS injection

Open gluafamichl opened this issue 8 months ago • 0 comments

Version Information

0.14.4 Dev

Hashcat

No response

Description

Possible CSS injection in Drop Down lists.

  • Create a new hashlist
  • Set a valid HTML image tag as hashlist name
  • Save hashlist The name is correctly saved as string in the database, but when creating a new task, the image instead of the name is displayed in the hashlist drop-down list.

gluafamichl avatar Apr 15 '25 11:04 gluafamichl