Not a bug IMG xss vulnerabilities?

T

topkurs2

Active member
Affected version
2.2.5
IMG xss vulnerabilities?
Code: 
Hello [IMG alt="y"]http://site.com/x[/IMG] dolly
Code: 
Hello [IMG]http://site.com/g[/IMG] `Friend` [IMG alt="m"]https://site.com/x[/IMG] dolly
 
These do not look like vulnerabilities, no.

I'm going to close this off for now but if you have a more concrete example of how this could be a vulnerability you should disclose those details safely by reporting the issue in private so we can investigate, if necessary, before information about any vulnerabilities becomes public.
 

Similar threads

Digital Doctor
Xenforo vs vBulletin vs Invision - history of vulnerabilities (Xenforo the clear winner)
Replies
13
Views
597
Digital Doctor
Digital Doctor
DEDinPALTO
Not a bug A serious vulnerability related to the implementation of the code on js.
Replies
1
Views
2K
Chris D
Chris D
ibnesayeed
Not a bug XSS vulnerability in jQuery version used in XF 1.5
Replies
3
Views
3K
Chris D
Chris D
Live Free
How do you stay up-to-date on vulnerabilities, monitoring, etc.
Replies
4
Views
1K
eva2000
eva2000
Mike
  • Sticky
Handling Security Vulnerabilities in Resources
Replies
9
Views
9K
Codeless
Codeless
Back
Top Bottom