Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Describe the bug Cross Site Scripting (XSS) in the fiekd tooltip section of the members add page. version: 4.2.1
To Reproduce Steps to reproduce the behavior:
Go to 'CMS Field Add page' Insert into a XSS payload in tooltip section And XSS save Go to 'Members add page' xss payload works automatically
The text was updated successfully, but these errors were encountered:
Why would a person that has access to admin panel dot this type? Just curious how you see it.
Sorry, something went wrong.
A person who has infiltrated the system can try all means from a malicious point of view. And that's one of the options he could look at
I want to get cve like this. A cve has been given in your previous products for such clarity. Can you help me?
Thanks.
@vbezruchkin
No branches or pull requests
Describe the bug
Cross Site Scripting (XSS) in the fiekd tooltip section of the members add page.
version: 4.2.1
To Reproduce
Steps to reproduce the behavior:
Go to 'CMS Field Add page'
Insert into a XSS payload in tooltip section
And XSS save
Go to 'Members add page'
xss payload works automatically
The text was updated successfully, but these errors were encountered: