Closed micheleidesmith closed 10 years ago
One of title / dept or comment input is not sanitised
Attack vectors: index.php?name=guest
and https://www.evernote.com/shard/s6/sh/68063137-997e-4b62-9723-ed3ee5e36141/4bca2a510c786a697b90b9b2bd43b946
Fixed in https://github.com/CUL-DigitalServices/avocet-ui/pull/314
Closing as this is fixed.
One of title / dept or comment input is not sanitised
Attack vectors: index.php?name=guest
and https://www.evernote.com/shard/s6/sh/68063137-997e-4b62-9723-ed3ee5e36141/4bca2a510c786a697b90b9b2bd43b946