You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@ofbiz.apache.org by "Jacques Le Roux (Jira)" <ji...@apache.org> on 2020/06/24 11:08:00 UTC

[jira] [Created] (OFBIZ-11840) Reflected XSS in content component

Jacques Le Roux created OFBIZ-11840:
---------------------------------------

             Summary: Reflected XSS in content component
                 Key: OFBIZ-11840
                 URL: https://issues.apache.org/jira/browse/OFBIZ-11840
             Project: OFBiz
          Issue Type: Sub-task
          Components: content
    Affects Versions: 17.12.03
            Reporter: Jacques Le Roux


Harshit Shukla [mailto:harshit.shukz@gmail.com] reported a  Reflected XSS  vulnerability in content component to the OFBiz security team, and we thank him for that.

I'll later quote here his email message when the vulnerability will be fixed. It's a post-auth vulnerability so we did not ask for a CVE.




--
This message was sent by Atlassian Jira
(v8.3.4#803005)