Hi!
My it-security department informed me that it's a problem with a Fabrik form. A Cross Site Scripting (XSS) vulnerability. And they sent me the link below.
This link (made anonymous) is a form you reach from a list connected by dbjoin (course_date_id) via a related link. The dbjoin element is just shown in the form (auto-complete).
https://XXXXXXXXX/fabrik/form/5?referring_table=4&XXXXX_course_registration___course_date_id_raw=876
Cross Site Scripting (XSS)
CVSSv3 Score: 6.1
Is it a real vulnerability I need to act on? Do you need additional information? I'm far from a expert in this area....
Regards
Matt
J 3.9.24
F 3.9 (not the latest...)
My it-security department informed me that it's a problem with a Fabrik form. A Cross Site Scripting (XSS) vulnerability. And they sent me the link below.
This link (made anonymous) is a form you reach from a list connected by dbjoin (course_date_id) via a related link. The dbjoin element is just shown in the form (auto-complete).
https://XXXXXXXXX/fabrik/form/5?referring_table=4&XXXXX_course_registration___course_date_id_raw=876
Cross Site Scripting (XSS)
CVSSv3 Score: 6.1
Is it a real vulnerability I need to act on? Do you need additional information? I'm far from a expert in this area....
Regards
Matt
J 3.9.24
F 3.9 (not the latest...)