Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-10326

XSS/Phishing vulnerability in the attachment selector

    XMLWordPrintable

Details

    • Trivial
    • N/A (I' m surprised our automated security tests didn't find this...)
    • N/A

    Description

      The filter parameter is used unescaped.

      Attachments

        Activity

          People

            sdumitriu Sergiu Dumitriu
            sdumitriu Sergiu Dumitriu
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: