This repository has been archived by the owner on May 10, 2024. It is now read-only.

Improper localization sanitation #1

Open
cartpauj opened this issue Feb 22, 2011 · 0 comments

@cartpauj

Failure to sanitize the "location", "First Name", "last Name", and "Bio" fields on the Mingle "Account" page allows an attacker, or any user, to inject malicious HTML code and perform a persistent XSS attack against other users. Failure to sanitize the "subject" field in the "Messages" section allows an attacker to perform a stored XSS attack against any user of his choice.
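
One way to handle the fields named in this report, as an added example that is not Mingle's code and not part of the original issue: plain PHP that reduces the profile fields to plain text on save and escapes every value, including the message subject, at render time. Function names, array keys and length limits are assumptions, the input is constructed, and `mb_substr` assumes the mbstring extension is loaded.

```php
<?php
// Added example, not the plugin's code. All names and limits below are hypothetical.

// The profile fields named in the report, with constructed length limits.
const PROFILE_FIELDS = ['first_name' => 64, 'last_name' => 64, 'location' => 128, 'bio' => 1000];

// On save: treat the value as plain text. Remove tags and control characters, cap the length.
function clean_text_field($value, int $maxLen): string {
    if (!is_string($value)) {
        return '';                       // arrays or other types from the request are rejected
    }
    $value = strip_tags($value);
    // preg_replace returns null on invalid UTF-8; store an empty string in that case.
    $value = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/u', '', $value) ?? '';
    return mb_substr(trim($value), 0, $maxLen, 'UTF-8');
}

// Only the known fields are copied; anything else in the submission is ignored.
function clean_profile(array $input): array {
    $out = [];
    foreach (PROFILE_FIELDS as $name => $maxLen) {
        $out[$name] = clean_text_field($input[$name] ?? '', $maxLen);
    }
    return $out;
}

// On output: escape for the HTML context, whatever the database holds.
// strip_tags() on save is not enough on its own (it leaves quotes and stray '>' behind).
function h(string $value): string {
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed submission with markup in the reported fields.
$submitted = [
    'first_name' => '<b>Ann</b>',
    'last_name'  => 'O\'Neil"><i>x</i>',
    'location'   => 'Salt Lake <i>City</i>',
    'bio'        => 'Hello <script>alert(1)</script> world',
];
foreach (clean_profile($submitted) as $name => $value) {
    echo $name, ': ', h($value), PHP_EOL;
}

// A message subject saved before any fix may still contain markup;
// escaping at render time makes it display as text instead of executing.
$legacySubject = '<script>alert(1)</script>';
echo '<td class="subject">', h($legacySubject), '</td>', PHP_EOL;
```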
