Open RamyaMahesh opened 8 years ago
It would be helpful if you could confirm whether the issue is a generic issue throughout the site, or merely confined to the single instance to which you refer...
Thanks,
Martin
Nastaran Avalos and Anita Gilbert We were able to enter html tags to string field "ex:Location" and cause Server error.
Security Testing:
Steps to recreate: in the administrator tool , navigate to create/update the cluster In the text field exter some javascript for checking the cross site scripting security test
Observed: When injecting javascript on text field shows unhandled exception
Expected: Javascript input should be treated as string and should be accepted on the input field