Details
-
Bug
-
Resolution: Duplicate
-
Low
-
None
-
None
-
None
-
None
Description
When the script below is entered into an issue description box, it will execute the next time a person tries to edit the issue:
</textarea><script type="text/javascript">alert('you have been haxored');</script>
Attachments
Issue Links
- duplicates
-
JRASERVER-6884 Description TEXTAREA on Edit Issue page doesn't escape HTML properly
- Closed