Ask a Question

Removal of Ability to Link External URL's in Review Function - Cross-site Scripting Vulnerability

0 Kudos

Removal of Ability to Link External URL's in Review Function - Cross-site Scripting Vulnerability

It was identified that the ability to link external URL's in the Review function of the tool can pose a Cross-site Scripting vulnerability.

 

The “review” functionality with the Collaborator web application can be used to serve malicious web pages and execute client-side code to end users by including a URL, which is controlled by the attacker, as part of the review 

Announcements
Welcome to the Collaborator Feature Requests board!

Here you can review submitted feature requests and vote up the ones you like! If you can't find the feature you want - go ahead and suggest your own idea. Ideas with the highest rating can be implemented in the product.

Check out the Create a Feature Request guide for more information.
New Here?
Welcome to the Community
Sign Up Here