We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hello
I have found stored cross site scripting bug in subrion CMS version 4.0.3 in the Create Page functionality of the admin Account.
Steps to Reproduce:
Impact: Session cookies can be stolen , user can be redirected to phishing pages , browser of the user visiting this page can be controlled etc.
POC's have been uploaded.
Fix: Please sanitize the input taken from the user before directly storing the input at the backend.
The text was updated successfully, but these errors were encountered:
No branches or pull requests
Hello
I have found stored cross site scripting bug in subrion CMS version 4.0.3 in the Create Page functionality of the admin Account.
Steps to Reproduce:
Impact: Session cookies can be stolen , user can be redirected to phishing pages , browser of the user visiting this page can be controlled etc.
POC's have been uploaded.
Fix: Please sanitize the input taken from the user before directly storing the input at the backend.
The text was updated successfully, but these errors were encountered: