getgrav / grav-plugin-login

Grav Login Plugin
http://getgrav.org
MIT License

XSS in /forgot_password #298

Closed Misha-N closed 1 year ago

Misha-N commented 1 year ago

Hello, I found that there is a reflected XSS vulnerability in the /forgot_password endpoint. If I send a request with in it, without client-side validation, the script is returned in the response and is performed on the client side. I did not find any solution for how to fix it, can you help me with that? :)

Thank you, Mike
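The mechanism described in the report, as an added example that is not Grav's or the plugin's code: a minimal PHP handler that reflects a submitted account name into the HTML response, shown unescaped beside a version that encodes for the HTML text context. The parameter name, message text and payload are constructed for illustration; nothing here states where in the plugin the reported issue was.

```php
<?php
declare(strict_types=1);

// Added example, not Grav's code. The 'username' parameter and the message
// wording are assumptions; a real handler would read the value from the request.

// Vulnerable: the raw request value is concatenated into HTML, so a value such
// as '<script>alert(1)</script>' is returned verbatim and executed by the browser.
function renderForgotPasswordVulnerable(string $username): string
{
    return '<p>If an account exists for ' . $username
        . ', a reset link has been sent.</p>';
}

// Hardened: encode for the HTML text context before concatenation.
// ENT_QUOTES also encodes ' and ", which matters if the value ever lands inside
// an attribute; ENT_SUBSTITUTE keeps invalid UTF-8 from turning the whole
// message into an empty string.
function renderForgotPasswordSafe(string $username): string
{
    $encoded = htmlspecialchars($username, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
    return '<p>If an account exists for ' . $encoded
        . ', a reset link has been sent.</p>';
}

// Check a reviewer can run: does the response still contain the raw tag?
function reflectsRawScript(string $html): bool
{
    return strpos($html, '<script>') !== false;
}

// Constructed payload standing in for what the browser would submit.
$payload = '<script>alert(document.cookie)</script>';

$vulnerable = renderForgotPasswordVulnerable($payload);
$safe       = renderForgotPasswordSafe($payload);

if (!reflectsRawScript($vulnerable) || reflectsRawScript($safe)) {
    fwrite(STDERR, "unexpected result\n");
    exit(1);
}

echo $vulnerable, PHP_EOL;   // raw <script> tag comes back in the response
echo $safe, PHP_EOL;         // &lt;script&gt;alert(document.cookie)&lt;/script&gt;
```

In a Twig template, which is how Grav renders pages, the same protection comes from autoescaping; it is lost for any variable printed through the `|raw` filter, so that filter is the first thing to look for when reflected input reaches a page unencoded.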

rhukster commented 1 year ago

Please follow this process to report security issues.

https://learn.getgrav.org/17/security/reports

Thanks!