Bypassing markdown based stored XSS filters
- Title: Bypassing markdown based stored XSS filters
- Types: Cross-Site Scripting (XSS)
- Link: https://hackerone.com/reports/120369
- Date: 2016-03-03 11:54:40 -0600
- By: a0xnirudh
Details: Hello team,
I was going through the methods by which you were sanitizing user input to fix my other 2 stored XSS vulnerabilities namely #116697 and #118024 and suddenly I understood that you filtering mechanisms are not proper and its bypassable.
Here is another Stored XSS based on Markdown:
Hope this bug will also get resolved soon ! Thanks !