Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Critical
Fix Version/s: 9.6.4
Affects Version/s: 9.6.3
Component/s: None
Security Level: Jimmy
Labels:
- security

Safety specification requirements:
None

an attacker can produce a malicious link to execute js if a user clicks the link

Current Result

a browser executes the js embedded in the link

Expected Result

no js executed

Debug Information

this attack is Reflected cross site scripting (XSS) attacks
attackers can produce this kind of link and put it into an email or a forum, then trick people to click the link

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

executeJs.jpg
8 kB
26/Apr/23 4:26 AM

Assignee:: jumperchen
Reporter:: hawk
Votes:: 0 Vote for this issue
Watchers:: 2 Start watching this issue

Created:: 26/Apr/23 4:22 AM
Updated:: 24/Oct/23 7:54 AM
Resolved:: 26/Apr/23 10:19 AM