HTML - injection

Disclosed: 2021-10-12 23:18:58 By b6bfe1fb5d9fa76d75aeb40 To wakatime
Unknown
Vulnerability Details
Hello try to write this <p onload="javascript:alert('sss');">Done</p> <strike> test </strike> in the comments it will run. https://wakatime.com/blog/26-download-your-team-activity-as-csv#comments
Actions
View on HackerOne
Report Stats
  • Report ID: 245233
  • State: Closed
  • Substate: not-applicable
Share this report