You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Scoreboard has an XSS exploit, you can rename yourself to <script src=url_to_bad_js_script_here> and then on showing scoreboard that code will be executed to everyone. Here's one example what cheaters can do with it:
Even tho this exploit is old af it became actual now cuz skids found bad script (ss above) which shows this crap and plays earrape and jails everyone and now they are going in every server doing it.
If someone is still working on this project I hope they will patch this exploit.
The text was updated successfully, but these errors were encountered:
Scoreboard has an XSS exploit, you can rename yourself to <script src=url_to_bad_js_script_here> and then on showing scoreboard that code will be executed to everyone. Here's one example what cheaters can do with it:
Even tho this exploit is old af it became actual now cuz skids found bad script (ss above) which shows this crap and plays earrape and jails everyone and now they are going in every server doing it.
If someone is still working on this project I hope they will patch this exploit.
The text was updated successfully, but these errors were encountered: