Link to posts in the same 4chan thread with "@".
< 脚本@-posting的反馈
Script injection vulnerability
The script as is takes the text value of a node and assigns it to the HTML of its replacement. So if the text contains something like <img onerror=alert(0) src=x> that gets converted to HTML.
<img onerror=alert(0) src=x>
登录以发表回复。
Script injection vulnerability
The script as is takes the text value of a node and assigns it to the HTML of its replacement. So if the text contains something like
<img onerror=alert(0) src=x>that gets converted to HTML.