Aethedor the Mage

  • Registered on: 2008-10-10

Activity

Reported issues: 1

2008-10-10

11:50 Redmine Defect #2017 (Closed): Cross-site scripting in forum
The PRE tag in the forum is vulnerable for cross-site scripting:
<pre onMouseOver="javascript:alert('XSS')">hold m...
09:32 Redmine Open discussion: Cross-site scripting
<pre onMouseOver="javascript:alert('XSS')">
Hold your mouse pointer here
</pre>

Also available in: Atom