Not a bug IMG xss vulnerabilities?

T

topkurs2

Active member
Licensed customer
Affected version
2.2.5
IMG xss vulnerabilities?
Code: 
Hello [IMG alt="y"]http://site.com/x[/IMG] dolly
Code: 
Hello [IMG]http://site.com/g[/IMG] `Friend` [IMG alt="m"]https://site.com/x[/IMG] dolly
 
Can you clarify what you're reporting here, if anything? Or are you testing something?
 
These do not look like vulnerabilities, no.

I'm going to close this off for now but if you have a more concrete example of how this could be a vulnerability you should disclose those details safely by reporting the issue in private so we can investigate, if necessary, before information about any vulnerabilities becomes public.
 

Similar threads

Digital Doctor
Xenforo vs vBulletin vs Invision - history of vulnerabilities (Xenforo the clear winner)
Replies
13
Views
606
Digital Doctor
Digital Doctor
ibnesayeed
Not a bug XSS vulnerability in jQuery version used in XF 1.5
Replies
3
Views
3K
Chris D
Chris D
Live Free
How do you stay up-to-date on vulnerabilities, monitoring, etc.
Replies
4
Views
1K
eva2000
eva2000
Mike
  • Sticky
Handling Security Vulnerabilities in Resources
Replies
9
Views
9K
Codeless
Codeless
giorgino
  • Question Question
XSS vulnerability with swfupload
Replies
3
Views
3K
tenants
tenants
Back
Top Bottom