If you find a vulnerability on this server you will be forever immortalized on this page!
Anonymous (Comment) 2021-06-15
Found a Stored XSS in the upload honeypot.
Due to a misconfiguration, CSP was not active on the honeypot. In addition file names were not escaped correctly.
Fix: Added CSP to honey pot and
htmlentities on file names.