Alikhan Uzakov

Results 2 issues of Alikhan Uzakov

Following the email conversation with David, I am raising this security issue as agreed (or some might say a feature/expected behavior).

**Summary**

By using the "mailto?attach=..." parameter, a website can...

There is an XSS (cross-site scripting) vulnerability present in the file upload functionality, where someone can upload a file with a malicious filename, which contains JavaScript code, which would result in XSS. Example:...