qmlcore XSS for text input, text node, and incorrect Number input parsing

XSS for text input, text node, and incorrect Number input parsing

Open lifeart opened this issue 8 years ago • 0 comments

for text input -> <a href="clickme" onclick="alert(12);">clickme</a> -> gives an XSS issue, for text node in template -> <a href="clickme" onclick="alert(12);">clickme</a> -> gives an XSS issue, for number input -> <a href="clickme" onclick="alert(12);">clickme</a> -> gives eee12e result

Aug 14 '17 16:08 lifeart

qmlcore qmlcore copied to clipboard

XSS for text input, text node, and incorrect Number input parsing

qmlcore
qmlcore copied to clipboard