Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

XSS Vulnerability #286

Closed
adrianomarcmont opened this issue Oct 2, 2020 · 4 comments
Closed

XSS Vulnerability #286

adrianomarcmont opened this issue Oct 2, 2020 · 4 comments

Comments

@adrianomarcmont
Copy link

Hi Formstone team.

We are BRZTEC, a offensive information security firm from Brazil.

When performed a pentest in one of our customers we found a XSS vulnerability that affect default installation of Formstone.

Please, do you can tell us a secure channel to send to yours more details about this vulnerability?

Please visit the website https://cveform.mitre.org/ and see more details on how to request a CVE ID and please acknowledge the finding to our company.

If you have any difficulties let us help you.

Best Regards.

Adriano Monteiro
Information Security Specialist
adriano@brztec.com
+55 31 99255-3329
https://www.brztec.com

@benplum
Copy link
Contributor

benplum commented Oct 3, 2020 via email

@adrianomarcmont
Copy link
Author

Done!

@benplum
Copy link
Contributor

benplum commented Oct 6, 2020

Thanks, resolved in 1.4.17.

@benplum benplum closed this as completed Oct 6, 2020
@adrianomarcmont
Copy link
Author

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants