-
Notifications
You must be signed in to change notification settings - Fork 68
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reflected XSS in Reportico-7.1 #47
Comments
Hi there Thanks for letting me know about this .. I am going to investigate how to avoid this. Even though this is happening for you when logged in as admin I need to check if this exists elsewhere. Also you are running an old version i will be starting with a fix in the latest Kind Regards |
Hi Peter, Are the vulnerabilities fixed? |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Cross-site scripting (XSS) is a web application vulnerability that permits an attacker to inject code, (typically HTML or JavaScript), into the contents of an outside website. When a victim views an infected page on the website, the injected code executes in the victim’s browser. Consequently, the attacker has bypassed the browser’s same origin policy and is able to steal private information from a victim associated with the website.
Steps:
The text was updated successfully, but these errors were encountered: