Hi team, I found an XSS vulnerability in the latest pgAdmin4 (6.12).

Step by step

Bug is at API /browser/server/obj/7/
Object -> Register -> Server -> Connection
Fill in Hostname/address value ss"><iframe src=javascript:alert(document.domain)>
Click save, XSS fired

If you need any more information, you can ask me.

Thanks
khoabda
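
The following is an added example, not part of the original message and not pgAdmin's own code: it shows how the reported Hostname/address value can be rejected on input and neutralised on output. The report does not say where the value is rendered, so the HTML attribute context, the accepted-value policy (IP literal or RFC 1123 hostname) and all function names here are assumptions.

```python
import html
import ipaddress
import re

# One RFC 1123 hostname label: letters, digits, hyphens, no leading/trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

# The value from the report, reproduced here as sample input.
REPORTED_VALUE = 'ss"><iframe src=javascript:alert(document.domain)>'


def is_valid_host(value: str) -> bool:
    """Input check (assumed policy): accept only an IP literal or a hostname."""
    if not value or len(value) > 253:
        return False
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        pass
    # fullmatch avoids the "$ matches before a trailing newline" pitfall.
    labels = value.rstrip(".").split(".")
    return all(_LABEL.fullmatch(label) for label in labels)


def render_host_input_unsafe(value: str) -> str:
    """Plain concatenation: a double quote in value closes the attribute early."""
    return '<input name="host" value="' + value + '">'


def render_host_input_safe(value: str) -> str:
    """Output encoding: &, <, >, " and ' are escaped, so the value stays data."""
    return '<input name="host" value="' + html.escape(value, quote=True) + '">'


if __name__ == "__main__":
    print("accepted on input:", is_valid_host(REPORTED_VALUE))
    print("unsafe render:", render_host_input_unsafe(REPORTED_VALUE))
    print("safe render:  ", render_host_input_safe(REPORTED_VALUE))
```

Input validation and output encoding are complementary: the validator keeps malformed values out of storage, and the encoder protects every rendering path even if a bad value is already stored.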
