XSS vulnerability can be exploited with the viewppt macro

XMLWordPrintable

      Upload a file test.ppt

      Use markup:

      {viewppt:test.ppt|height=<script>alert("xss")</script>|width=<script>alert("xss")</script>}

      The scripts will be executed when the page is loaded.

              Assignee:
              m@ (Inactive)
              Reporter:
              Mark Hrynczak (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: