Site icon API Security Blog

Cross-site Scripting (XSS)

concrete5/concrete5 is vulnerable to Cross-site Scripting (XSS). The vulnerability exists via the name parameter on API integrations due to lack of sanitization which allows an attacker to inject and execute malicious javascript.Read More

Exit mobile version