Details
-
Bug
-
Resolution: Fixed
-
Medium
-
2.0.3, 2.1.5, 2.2.10, 2.3.3, 2.4.5, 2.5.8, 2.6.2, 2.7.2
-
None
Description
browseusers.vm does not escape usernames.
Attachments
Issue Links
- is cloned from
-
CONFSERVER-10807 Users with view permissions on a space are able to delete (purge) pages they don't have permission to edit/access
- Closed