Open kpapijnenburg opened 2 years ago
We use Tweakwise version 3.3.8 in our webshop. A routine vulnerability check has shown that there are cross site scripting (XSS) vulnerabilities in the code, see the attachment for more information.
xss_vulnerability.pdf
I've added this issue to our work log. We will keep you informed.
This issue is already fixed from version 4.2.0 and above.
Issue Brief
We use Tweakwise version 3.3.8 in our webshop. A routine vulnerability check has shown that there are cross site scripting (XSS) vulnerabilities in the code, see the attachment for more information.
xss_vulnerability.pdf
Environment
Steps to reproduce
Actual result
Expected result