Skip to content

XSS for text input, text node, and incorrect Number input parsing #67

New issue
New issue
Open
Open
XSS for text input, text node, and incorrect Number input parsing#67
Assignees
whoozle
Labels
bug
@lifeart

Description

@lifeart
lifeart
opened on Aug 14, 2017

for text input -> <a href="clickme" onclick="alert(12);">clickme</a> -> gives an XSS issue,
for text node in template -> <a href="clickme" onclick="alert(12);">clickme</a> -> gives an XSS issue,
for number input -> <a href="clickme" onclick="alert(12);">clickme</a> -> gives eee12e result

Metadata

Metadata

Assignees

Labels

bug

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions