You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ofbiz.apache.org by "Jacques Le Roux (Jira)" <ji...@apache.org> on 2020/06/24 11:08:00 UTC
[jira] [Created] (OFBIZ-11840) Reflected XSS in content component
Jacques Le Roux created OFBIZ-11840:
---------------------------------------
Summary: Reflected XSS in content component
Key: OFBIZ-11840
URL: https://issues.apache.org/jira/browse/OFBIZ-11840
Project: OFBiz
Issue Type: Sub-task
Components: content
Affects Versions: 17.12.03
Reporter: Jacques Le Roux
Harshit Shukla [mailto:harshit.shukz@gmail.com] reported a Reflected XSS vulnerability in content component to the OFBiz security team, and we thank him for that.
I'll later quote here his email message when the vulnerability will be fixed. It's a post-auth vulnerability so we did not ask for a CVE.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)