Fix XSS in Alert, Carousel, Collapse, Dropdown and Modal

2026-06-05 16:42:29 +03:00 · 2017-08-26 11:43:06 +02:00
parent 4731b239b1
commit 29f9237f73
7 changed files with 23 additions and 7 deletions
@@ -66,7 +66,9 @@
      </div>
    </div>
  </div>
-
+  <button class="btn" data-toggle="collapse" data-target="<img src=x onerror=alert(0)>">
+    Collapse with an XSS
+  </button>
 </div>

 <!-- JavaScript Includes -->