XSS Vulnerability caused by Redactor 3 #796
Comments
|
Hi,
Thank you the detailed explanation.
Can you make a pull request? So that i can merge it. If not ill be doing as early as possible.
Once again thanks for bringing to our notice.
… On 05-Jul-2018, at 2:40 PM, Chenfeng Nie ***@***.***> wrote:
The stored XSS can be triggered once you editing content by using Redactor 3 (https://imperavi.com/redactor/) plugin. it can be found in both PAGE and BLOG modules.
To developer:
Please avoid use Redactor right now before they fix this issue.
Reference:
#794
https://imperavi.com/redactor/
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.
|
|
@anupriya17 I'll be looking into it right now. |
|
@levoncf @anupriya17 I've disabled Redactor immediately. Will investigate into further. Feel free to share your opinions |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The stored XSS can be triggered once you editing content by using Redactor 3 (https://imperavi.com/redactor/) plugin. it can be found in both PAGE and BLOG modules.
To developer:
Please avoid use Redactor right now before they fix this issue.
Reference:
#794
https://imperavi.com/redactor/
The text was updated successfully, but these errors were encountered: