Uploaded image for project: 'Magnolia'
  1. Magnolia
  2. MAGNOLIA-3589

Cross-site scripting vulnerabilities in the AdminCentral

    XMLWordPrintable

Details

    Description

      We mainly tested and fixed XSS issues in the templates of Magnolia (STK) as they are served to the public. Now we got a report listing all potential XSS vulnerabilities in the AdminCentral. This is less critical as a user has to be logged in before such an attack could happen. Nonetheless the issues should get removed.

      see the private report at: SUPPORT-915

      Checklists

        Acceptance criteria

        Attachments

          Activity

            People

              ochytil Ondrej Chytil
              pbaerfuss Philipp Bärfuss
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Checklists

                  Bug DoR
                  Task DoD