  1. Contacts App
  2. CNTCTSAPP-41

XSS vulnerability of ContactPreviewComponent

Details

    • Bug
    • Resolution: Fixed
    • Blocker
    • 1.0.2
    • 1.0.1
    • None

    Description

      Steps to reproduce:

      1. Edit some contact, use some XSS for the Organization field, save.
      2. Edit the Contact teaser on some page (http://localhost:8080/magnoliaAuthor/demo-project/news-and-events.html).
      3. Choose the contact from the first step.
        -> XSS exploit.

      The above issue basically concerns any text fields and text areas displayed by the component.

            People

              fgrilli Federico Grilli
              rkovarik Roman Kovařík