Reflected XSS
High
U
Ubiquiti Inc.
Submitted None
Team Summary
Official summary from Ubiquiti Inc.
Due to the lack of sanitisation in the commend area, with a especially crafted message, is possible to execute a XSS with the "preview" function. If a draft is save, is possible to exploit this bug using as and stored-XSS.
Actions:
Reported by
aidantwoods
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Reflected