logo
DATABASE RESOURCES PRICING ABOUT US

Prismatic < 2.8 - Reflected Cross-Site Scripting (XSS)

Description

The plugin does not escape the 'tab' GET parameter before outputting it back in an attribute, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator


Related