XSS attack possible using html.
vixtordev opened this issue ยท 0 comments
I pasted some HTML code into the minecraft chat, and I did a command with it, and JPanel treats it like html.
Example:
Steps to reproduce:
- Paste an html element into chat or run it as a command
- Just wait for it to pop up in the console
The reason this is lethal is because hackers can paste in java script code to force the console to execute a command.