Reflected XSS vulnerability in muc-room-edit-form.jsp params in Admin Console
Description
The following parameters in '/muc-room-edit-form.jsp' have been identified as being vulnerable to reflected XSS (Cross Site Scripting):
roomconfig_persistentroom
roomconfig_roomsecret
roomconfig_roomsecret2
See the attached Burp Suite report for further details.
Environment
None
Activity
Show:
Dave Cridland
January 8, 2016, 8:47 PM
Fixed by PR 446.
Fixed
Assignee
Dave Cridland
Reporter
Tim Durden
Expected Effort
None
Ignite Forum URL
None
Components
Fix versions
Affects versions
Priority
Configure