• Welcome to the Chevereto User Community!

    Here, users from all over the world come together to learn, share, and collaborate on everything related to Chevereto. It's a place to exchange ideas, ask questions, and help improve the software.

    Please keep in mind:

    • This community is user-driven. Always be polite and respectful to others.
    • Support development by purchasing a Chevereto license, which also gives you priority support.
    • Go further by joining the Community Subscription for even faster response times and to help sustain this space
  • Chevereto Support CLST

    Support response

    Support checklist

    • Got a Something went wrong message? Read this guide and provide the actual error. Do not skip this.
    • Confirm that the server meets the System Requirements
    • Check for any available Hotfix - your issue could be already reported/fixed
    • Read documentation - It will be required to Debug and understand Errors for a faster support response

Possible XSS Bug

I

imgyukle

💖 Chevereto Fan
▶🚶‍Reproduction steps
  1. Select an image for upload, then edit image title-description and write "><svg/onload=prompt(document.domain);>
  2. After upload image and visit your uploaded image, you got a message
😢Unexpected result

Example image url ; https://imgyukle.com/i/YOPlUj https://imgyukle.com/i/YOomD6

📃Error log message

Also, If you enabled Akismet Spam protection, blocking upload, please test while Akismet Disabled.
 
You must log in or register to reply here.
Back
Top