XSS in concurrent edit notification

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Medium
    • 3.0-rc1
    • Affects Version/s: 3.0-beta3
    • Component/s: None

      If a page is being editted by 

      <script>alert('hacked')</script>

      and another user edits it at the same time, they are vulnerable to a potential XSS attack.

        1. page-editor-29-patched.js
          22 kB
        2. page-editor-210-patched.js
          24 kB

              Assignee:
              CharlesA
              Reporter:
              Andrew Lynch (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: