Replies: 4 comments 5 replies
-
It is regularly tested by external as I receive possible CVEs details. But please provide me what your security team shared with you. |
Beta Was this translation helpful? Give feedback.
-
I'm bumping and confirm issue with this topic. In the text field where the user can change the name/surname, is still an error that allows the execution of the XSS script (confirming what rbartczak wrote). |
Beta Was this translation helpful? Give feedback.
-
@rbartczak |
Beta Was this translation helpful? Give feedback.
-
Please retest in 3.0.7 and close if fixed |
Beta Was this translation helpful? Give feedback.
-
We have received information from our security team about an XSS vulnerability (e.g. session stealing).
I can see in the code that there is information about XSS security.
Have you tested xss vulnerabilities?
Beta Was this translation helpful? Give feedback.
All reactions