Cross site scripting issue in OSQA about page #516

Open
anuvarman opened this Issue Dec 5, 2016 · 0 comments

Projects

None yet

1 participant

@anuvarman

I have installed OSQA successfully in my organisation. While doing the security check we found the XSS issue in the OSQA about page. For example we have tried the below entry in the OSQA About page using administration screen. Can someone please suggest any fix for XSS issue?

> <span class="orange" onmouseover="alert(12);">Q&amp;A</span>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment