Developer portal vulnerable to Cross-Site Scripting (XSS) attack
Issue
- The developer portal is vulnerable to Cross-Site Scripting (XSS) – the user input (e.g. Account Organization Name) is not sanitized before storing in the database, and a malicious script can be executed when rendering the developer portal pages using Liquid tags.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.