vbezruchkin
commented
2 years ago Why would a person that has access to admin panel dot this type? Just curious how you see it.
Open sinemsahn opened 2 years ago
vbezruchkin
commented
2 years ago Why would a person that has access to admin panel dot this type? Just curious how you see it.
sinemsahn
commented
2 years ago A person who has infiltrated the system can try all means from a malicious point of view. And that's one of the options he could look at
sinemsahn
commented
1 year ago I want to get cve like this. A cve has been given in your previous products for such clarity. Can you help me?
Thanks.
sinemsahn
commented
1 year ago @vbezruchkin
junni18
commented
1 year ago stop alert
On Wed, Dec 21, 2022 at 1:47 AM Sinem Şahin @.***> wrote:
@vbezruchkin https://github.com/vbezruchkin
— Reply to this email directly, view it on GitHub https://github.com/intelliants/subrion/issues/895#issuecomment-1359899111, or unsubscribe https://github.com/notifications/unsubscribe-auth/AF3MRRIWQKRETKRDLTE3JR3WOHWMFANCNFSM6AAAAAARAIMDKI . You are receiving this because you are subscribed to this thread.Message ID: @.***>
Describe the bug Cross Site Scripting (XSS) in the fiekd tooltip section of the members add page. version: 4.2.1
To Reproduce Steps to reproduce the behavior:
Go to 'CMS Field Add page' Insert into a XSS payload in tooltip section And XSS save Go to 'Members add page' xss payload works automatically