translate-man icon indicating copy to clipboard operation
translate-man copied to clipboard

Published 20 hours ago verified publisher icon magic-FE

Cross site scripting attack vulnerability

Open ymyf opened this issue 6 years ago • 2 comments

This plugin has the function of automatic translation after word segmentation. When XSS statements are entered, malicious code is executed. For example, 哈哈哈 "><img src=1 onerror=alert (document.cookie) >" 此时会把中文翻译成英文,并且执行xss语句 This will translate Chinese into English and execute XSS statement. 1 2 3

ymyf avatar Aug 15 '18 04:08 ymyf

Thank you for your feedback.

cloudfroster avatar Aug 18 '18 03:08 cloudfroster

You Are Welcome.

ymyf avatar Aug 18 '18 03:08 ymyf