Cross Site Scripting vulnerabilities in user forms in EPP 5.1 and before.
Issue
- A user can place html or javascript as their first or last name causing a viewing user to execute said code. This may happen during user modification or in other actions. Other inputs may be vulnerable as well.
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.