Possible XSS Bug

imgyukle

💖 Chevereto Fan
▶🚶‍Reproduction steps
  1. Select an image for upload, then edit the image title-description and write "><svg/onload=prompt(document.domain);>
  2. After uploading the image, visit your uploaded image and you get a message.
😢Unexpected result

Example image URLs: https://imgyukle.com/i/YOPlUj https://imgyukle.com/i/YOomD6

📃Error log message

Also, if you have enabled Akismet spam protection, it blocks the upload; please test with Akismet disabled.
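The report above describes a stored title/description value being rendered without output encoding. The following is an added example, not part of the original post and not Chevereto's own code, showing the unescaped pattern beside an escaped one. The template shape, the `/images/example.jpg` path and the function names `render_unsafe`, `render_safe` and `e` are assumptions made for illustration.

```php
<?php
// Added illustration; not Chevereto source code. The markup below is an
// assumed template, used only to show the two output contexts involved.

// Constructed sample input: the title string from the reproduction steps.
$title = '"><svg/onload=prompt(document.domain);>';

// Unescaped pattern: stored user text is concatenated straight into markup,
// so a quote closes the attribute and the rest is parsed as new elements.
function render_unsafe(string $title): string
{
    return '<img src="/images/example.jpg" alt="' . $title . '">'
         . '<h1>' . $title . '</h1>';
}

// Encode for HTML text and quoted-attribute contexts. ENT_QUOTES covers both
// quote characters; ENT_SUBSTITUTE replaces invalid UTF-8 instead of
// returning an empty string.
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Escaped pattern: every use of the stored value goes through e() at output time.
function render_safe(string $title): string
{
    return '<img src="/images/example.jpg" alt="' . e($title) . '">'
         . '<h1>' . e($title) . '</h1>';
}

$unsafe = render_unsafe($title);
$safe   = render_safe($title);

// Regression check: the stored value must never appear as live markup.
if (strpos($unsafe, '<svg') === false) {
    throw new RuntimeException('sample no longer demonstrates the unescaped case');
}
if (strpos($safe, '<svg') !== false || strpos($safe, 'alt=""') !== false) {
    throw new RuntimeException('escaped output still contains injected markup');
}

echo "unescaped: $unsafe\n";
echo "escaped:   $safe\n";
```

Encoding at output time, rather than filtering at upload, also neutralises values that were stored before the fix.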
 