New Relic: Html injection in monitor name textbox

2016-02-05T08:47:59
ID H1:114852
Type hackerone
Reporter karthic
Modified 2016-06-19T23:30:21

Description

payload in monitor name textbox : <img src=x onerror=prompt(40)>

image tag is executed in Monitot failed email

fix : Need to done secure parse encode in monitor name textbox to prevent html injection in email