Impact
HTML tags in entity names are not sanitised (XSS vulnerability). Allows arbitrary code execution within the browser sandbox, among other things, simply from loading a file containing a script tag in any entity name.
Patches
Patched in version 1.28.1 of the application.
Workarounds
No possible workaround other than updating the application.
Impact
HTML tags in entity names are not sanitised (XSS vulnerability). Allows arbitrary code execution within the browser sandbox, among other things, simply from loading a file containing a script tag in any entity name.
Patches
Patched in version 1.28.1 of the application.
Workarounds
No possible workaround other than updating the application.