/

Errata - 4.0.1 XSS in template

Errata - 4.0.1 XSS in template

Owned by Mark Unwin

Last updated: Jan 18, 2021

We have had a XSS issue reported in a template (thanks Thrivikram Gujarathi).

The fix is available on github at https://github.com/Opmantek/open-audit/commit/7311d9799960a88d711c20ad0c2f8d8648d933e9

The XSS requires the user be logged in and click a malicious link sent by a third party.

Apologies for any inconvenience.

Mark.

Related content

Errata - 4.2.0 and earlier Javascript vulnerability

Errata - 4.2.0 and earlier Javascript vulnerability

More like this

Errata - 4.0.1 XSS in SQL debugging output

Errata - 4.0.1 XSS in SQL debugging output

More like this

Errata - 2.1 Security Update, March 2018

Errata - 2.1 Security Update, March 2018

More like this

Errata - 3.3.2 / 3.4.0 XSS in devices list template (Community)

Errata - 3.3.2 / 3.4.0 XSS in devices list template (Community)

More like this

Errata - 1.6 Security Update, March 2015

Errata - 1.6 Security Update, March 2015

More like this

Errata - 3.3.0 XSS in error templates

Errata - 3.3.0 XSS in error templates

More like this