Security:Security Advisories/BSSA-2022-02: Difference between revisions

Revision as of 11:06, 26 April 2022

Users are able to inject arbitrary HTML (XSS) on regular pages, using a special value for the title parameter. This can be triggered via URL.

Upgrade to BlueSpice 4.1.3

Special thanks to the security team of an undisclosed customer

Revision as of 09:11, 26 April 2022 (view source) Margit Link-Rodrigue (talk \| contribs) m ((username removed) (log details removed)) ← Older edit	Revision as of 11:06, 26 April 2022 (view source) Margit Link-Rodrigue (talk \| contribs) m ((username removed) (log details removed)) Newer edit →
(No difference)