Shopify: Stored XSS in /admin/product and /admin/collections

Hello Security Team, I was going through previous reports of XSS and I have found this, https://hackerone.com/reports/978125 As stated by team on this page even on https://hackerone.com/shopify?type=team under Known issues that we can now report XSS under Rich Text Editor on Product description a...

ClipBucket cross-site scripting vulnerability (CNVD-2017-05017)

ClipBucket is an open source video sharing software. The software allows you to share videos to video sites and supports the light off effect when watching a movie. A cross-site scripting vulnerability exists in ClipBucket version 2.7.0.5. A remote attacker can exploit this vulnerability by...