Target | News |
Subject | WYSIWYG Editor for BB-Code |
Summary | All WYSIWYG Editors for XOOPS is potentially vulnerable.Because such WYSIWYG Editors need the setting of "HTML Allow".Of course, you don't allow HTML for anonymous access.It cause Script Insertion (HTML Injection) easily.But it is not so safe that you ... |