stored XSS in "http://<APP-IP>/people/<ID>/avatar"
d4rks1d33 opened this issue · comments
D4rk$1d3 commented
Is possible to perform a stored XSS uploading a malicious image
Let me know if you need more information about this bug and how to reproduced it
Alexis Saettler commented
Please send any detail to security@monicahq.com