Open 333JeremySloan opened 6 years ago
It looks like login input fields are not being properly sanitized.
Steps to reproduce:
Access https://crisischeckin-d.azurewebsites.net/Account/Login
Enter one of the following values as username: <SCript> '
<SCript>
'
Result: Server returns full stack trace error
It looks like login input fields are not being properly sanitized.
Steps to reproduce:
Access https://crisischeckin-d.azurewebsites.net/Account/Login
Enter one of the following values as username:
<SCript>
'
Result: Server returns full stack trace error