Hi Ulisses, The XSS found is a different one. The one mentioned on http://ift.tt/1TFA3Bc has a screenshot where the XSS is inserted when creating a new role and by preventing the javascript filters to execute. A new role can only be created by the admin user. This XSS is also performed by inserting the
No comments:
Post a Comment