Details
-
Type:
Defect (Security)
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 4.0.0alpha1, 4.0.0alpha2, 4.0.0alpha3
-
Fix Version/s: 3.4.9rc1, 4.0.0alpha6, 4.0 (plan)
-
Component/s: Frontend (F)
-
Team:Team C
-
Sprint:Sprint 28, Sprint 29, Sprint 30, Sprint 31
-
Story Points:0.125
Description
There is a persistent xss in map navigation tree widget. To reproduce it, create a map navigation tree widget, add single element and set it's name to <img src="xxx" onerror="alert('xss');"/>. As a result you will get: