Loading...

XML

Word

Printable

Type: Incident report
Resolution: Fixed
Priority: Major
Fix Version/s: 2.0.20rc1, 2.2.16rc1, 3.0.6rc1, 3.2.2rc1, 3.4.0alpha1
Affects Version/s: None
Component/s: Frontend (F)
Labels:
- popups
- xss

How to reproduce:
http://localhost/2.0/frontends/php/popup_media.php?dstfrm=userForm"%2Balert(12345)%2B"

Enter any value in "Send to", then submit.

Affected versions: [2.0 - 3.3]

Same vulnerability also exists in other parameters as well.

Assignee:: Unassigned

Reporter:: Oleg Egorov (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2016 Nov 16 10:45

Updated:: 2017 May 30 17:52

Resolved:: 2016 Nov 24 11:43