stored XSS vulnerability in app/themes/leftnavigation/configuretheme.action

XMLWordPrintable

      Description:
      Stored XSS via page app/themes/leftnavigation/configuretheme.action?key=~<USERNAME>

      Exploit:
      Example value in the Naviagtion Page field: "><script>aletr(document.cookie)</script><x x="

            Assignee:
            Samuel Le Berrigaud
            Reporter:
            Gergely Hodicska
            Votes:
            3 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: