-
Bug
-
Resolution: Fixed
-
High
-
2.5.4
-
None
-
Standalone
Description:
Stored XSS via page app/themes/leftnavigation/configuretheme.action?key=~<USERNAME>
Exploit:
Example value in the Naviagtion Page field: "><script>aletr(document.cookie)</script><x x="