Stored XSS filter bypass on discussion forum. "URL" tag.
Medium
E
ExpressionEngine
Submitted None
Team Summary
Official summary from ExpressionEngine
A vulnerability was identified and fixed that could have allowed attackers to bypass the XSS filter in the discussion forum, enabling arbitrary JavaScript execution in the victim's browser.
Actions:
Reported by
d0bby
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Stored