Намедни собрался поискать задачи в архиве, но столкнулся с багом(фичей). При поиске "ready" мне выдает задачу розетки. Что пошло не так?
№ | Пользователь | Рейтинг |
---|---|---|
1 | tourist | 4009 |
2 | jiangly | 3823 |
3 | Benq | 3738 |
4 | Radewoosh | 3633 |
5 | jqdai0815 | 3620 |
6 | orzdevinwang | 3529 |
7 | ecnerwala | 3446 |
8 | Um_nik | 3396 |
9 | ksun48 | 3390 |
10 | gamegame | 3386 |
Страны | Города | Организации | Всё → |
№ | Пользователь | Вклад |
---|---|---|
1 | cry | 167 |
2 | Um_nik | 163 |
3 | maomao90 | 162 |
3 | atcoder_official | 162 |
5 | adamant | 159 |
6 | -is-this-fft- | 158 |
7 | awoo | 156 |
8 | TheScrasse | 154 |
9 | Dominater069 | 153 |
9 | nor | 153 |
Название |
---|
Further investigation: depending on the selected archive task page, different tasks are shown. But still not related to the
ready
theme.Auto comment: topic has been translated by KhB (original revision, translated revision, compare)
The same for word "class":
Auto comment: topic has been updated by KhB (previous revision, new revision, compare).
Автокомментарий: текст был обновлен пользователем KhB (предыдущая версия, новая версия, сравнить).
Try this payload on handle search:
<script\x20type="text/javascript">javascript:alert(1); ,
it should give "no such user" while it gives an error page. Might be vulnerable, I am not a tester. I was afraid to ask this in a post seeing a lot of downvotes in one of my posts.
Also words "remove", "click", "response", "function", "alert", "type", "toggle" and "codeforces" gives same result. Even parts of the link "sta.codeforces.com/s/" works in the same way.
It is really strange, that it works only on problemset page and gives only the first problem.