Stored xss on helpdesk using user's city
Medium
L
Lark Technologies
Submitted None
Team Summary
Official summary from Lark Technologies
A stored XSS (cross-site scripting) was found on the internal larksuite helpdesk, which an attacker could have potentially used to obtain access to the internal helpdesk. We thank imran_nisar for reporting this vulnerability and confirming its resolution.
Actions:
Reported by
imran_nisar
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Cross-site Scripting (XSS) - Stored