Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 6.3-OD-8, 6.3.1
Affects Version/s: 6.2.6
Component/s: None
Labels:

Introduced in Version:
6.02
CVSS Score:
5.8

To reproduce:

Visit:

/secure/FilterSubscription!default.jspa?returnUrl=javascript:alert(1)

Click "Cancel"
An alert should appear

This URL should be restricted to the current domain, and to http/https protocols.

mentioned in: Page Loading...

Assignee:: Oswaldo Hernandez (Inactive)
Reporter:: Tony Boyle
Votes:: 0 Vote for this issue
Watchers:: 6 Start watching this issue

Created:: 10/Jun/2014 5:53 AM
Updated:: 28/Mar/2019 12:13 AM
Resolved:: 15/Jul/2014 8:27 AM