-
Type:
Bug
-
Status: Closed
-
Resolution: Fixed
-
Affects Version/s: 6.2.X EE
-
Fix Version/s: 6.2.4 CE GA5, 6.2.X EE
-
Branch Version/s:6.2.x
-
Backported to Branch:Committed
-
Story Points:6
-
Fix Priority:3
-
Git Pull Request:
1. Navigate to Control Panel > Site Administration > Web Content.
2. Set the view to List.
3. Create a Web Content article with the title: "><script>alert('Title1')</script>
4. Publish the article.
Expected Result:
No XSS pop-up will appear.
Actual Result:
XSS pop-up appears.
- is duplicated by
-
LPS-57532 Various XSS issues in 6.2.3
- Closed
- is related to
-
LPS-47725 Unable to edit Web Content when journal.article.force.autogenerate.id=false and the articleId contains special characters
- Closed
- relates
-
LPE-13941 There was a XSS issue in the 'list view' interface within the Web content portlet
-
- Closed
-