Persistent cross-site scripting

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Blocker
    • Component/s: scriptler-plugin
    • None

      Persistent cross-site scripting vulnerability in Scriptler Plugin

      SECURITY-333
      Administrators are able to submit arbitrary HTML as description of Scriptler scripts that are shown verbatim to other administrators, allowing cross-site scripting attacks.

            Assignee:
            Dominik Bartholdi
            Reporter:
            Dominik Bartholdi
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: