Closed ddb4github closed 4 years ago
This should have a CVE recorded for it, can you get one?
This should have a CVE recorded for it, can you get one?
Request CVE ID yesterday. still not reviewed now
Is this the same CVE as the core or a separate one for the plugin?
Is this the same CVE as the core or a separate one for the plugin?
I plan to request separate CVE ID for syslog/thold once the my first CVE ID processed. But the first one is still under review. I'm not sure if any program issue.
Describe the bug
Syslog alert/removal/report popup alert during XSS testing.
To Reproduce
Case#1
<script>alert('test CVE');</script>
for all text/area fieldsalert
will popup three times, as screenshot below.Case#2
<script>alert('test CVE');</script>
in name field.Delete
from action listGo
alert
popup