Stripo Inc: Stored XSS at "Conditions " through "My Custom Rule" Field at [https://my.stripo.email/cabinet/#/template-editor/] in Template Editor.
Summary: Hi Team, There is "Stored XSS" in "Conditions" . When creating "My Custom Rule", you have to provide a name, whereas "My Custom Rule " field does not properly sanitize the input provided by the User leading to Stored XSS. Other fields are properly sanitizing the input. See the video Pock...