Stored XSS in Resources in francoisjacquet/rosariosis
Jun 2nd 2022
Website does incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Steps to reproduce [it works on Firefox (not in chromium based browsers)]
https://www.rosariosis.org/demonstration/ and login with administrator account
3.Create new link with content
4.Click the link and observe a pop up