Found an xss vulnerability in diblix: https://diblix.com/profile?id=167
You can run arbitrary javascript which is obviously not good
do you know how to prevent it?
Either use a regex so you can't use arbitrary characters in a username (best solution) or set element.innerText instead of element.innerHTML
well in beta 2.0 you can only use letters numbers and underscores so i think that solves it
Oh good
if i were you i would advertise my diblix profile for some easy subs on wasteof
might be a bit different now lol