camaleon-cms version: <= 2.8.3 vulnerable to XSS.
Step 1: Log in to the user1 account, access the Profile Edit tab, then edit display name (First Name, Last Name).
Step 2: Go back and select any post, then write a comment.
Step 3: If the admin user accesses the comment tab, malicious code will be executed.
Recommendations:
Filter and validate all user inputs.
Special characters (<, >, &, ", ') output should be HTML encoded.
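
The two recommendations above, shown as an added Ruby example (not code from this issue or from camaleon-cms): an allowlist check when the profile name is saved, and HTML encoding when the name is rendered in the comment list. The struct, field names, name pattern and templates are assumptions, and the sample data is constructed.

```ruby
require "erb"

# Constructed sample: a commenter whose profile name fields contain markup
# characters. Field names are assumptions, not Camaleon's schema.
Commenter = Struct.new(:first_name, :last_name)
SAMPLE = Commenter.new("<i>user1</i>", %q{O'Neil & "Co"})

# Allowlist check at profile-save time (assumed policy): letters, combining
# marks, spaces, dots, apostrophes and hyphens, 1 to 64 characters.
NAME_RE = /\A[\p{L}\p{M}][\p{L}\p{M} .'\-]{0,63}\z/

def valid_name?(value)
  value.is_a?(String) && NAME_RE.match?(value)
end

# Renders the author cell of a comment row as an admin would receive it.
class AuthorCell
  include ERB::Util # provides h / html_escape

  # Plain ERB emits <%= %> unescaped, which mirrors the unsafe pattern.
  UNSAFE = ERB.new('<td><%= @user.first_name %> <%= @user.last_name %></td>')
  # Every stored field is encoded at output time.
  SAFE = ERB.new('<td><%= h(@user.first_name) %> <%= h(@user.last_name) %></td>')

  def initialize(user)
    @user = user
  end

  def unsafe_html
    UNSAFE.result(binding)
  end

  def safe_html
    SAFE.result(binding)
  end
end

if __FILE__ == $PROGRAM_NAME
  cell = AuthorCell.new(SAMPLE)
  puts "unsafe: #{cell.unsafe_html}"
  puts "safe:   #{cell.safe_html}"
  puts "first name accepted on save? #{valid_name?(SAMPLE.first_name)}"
end
```

The allowlist still accepts an apostrophe in a legitimate name, so validation on input does not replace encoding on output.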