logstation icon indicating copy to clipboard operation
logstation copied to clipboard

Security vulnerability - Cross-Site Scripting

Open vitalysim opened this issue 6 years ago • 0 comments

I used "logstation" to log HTTP requests, I noticed the "logstation" interprets HTML. For example, if I send http://xxx.xxx.xxx/xxx.php?a=<dETAILS%0aopen%0aonToGgle%0a=%0aa=prompt,a() x>

And I log the requests and display it in "logstation" the HTML will be interpreted

vitalysim avatar Oct 29 '18 06:10 vitalysim