A stored Cross Site Scripting (XSS) discovered in the 'Project Name' field.
We have sent an email to you with the Proof Of Concept (PoC) too.
didnt have received an email yet
We have already sent the email (email@example.com)
We will post the vulnerability information here too:
If we put for example as Project Name the:
we can see that our code will be stored and executed.
This popup alert will appear every time we trigger the Project Menu or
the Codiad loads the Project.
It seems that the input must be sanitized.
thanks for the poc, seems that the email was lost in my inbox, maybe @Fluidbyte has received it. Anyway, marked it as bug