Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
XSS in user management page may lead to privilege escalation.
name
company
BTW, may I be rewarded with a CVE id? Appreciate it in advance.
The text was updated successfully, but these errors were encountered:
Fixing XSS injection via user profile editing -- thanks zhzzhz:
b2eff67
#332
Thanks for the report -- this has been fixed in the commit above.
For CVEs, please request one here: https://iwantacve.org/
Sorry, something went wrong.
CVE-2018-10364 has been assigned for this vulnerability.
@timbuckingham CVEs can be requested directly from MITRE using: https://cveform.mitre.org/
No branches or pull requests
XSS in user management page may lead to privilege escalation.
Reproduction:
namefield orcompanyfield. (Both of them are vulnerable)
---BTW, may I be rewarded with a CVE id? Appreciate it in advance.
The text was updated successfully, but these errors were encountered: