<< Back to previous view |
[QB-3808] Next build version is not sanitizing user input, can execute potentially vulnerable arbitrary code
|
|
Status: | Resolved |
Project: | QuickBuild |
Component/s: | None |
Affects Version/s: | None |
Fix Version/s: | 11.0.26 |
Type: | Bug | Priority: | Major |
Reporter: | Steve Luo | Assigned To: | Unassigned |
Resolution: | Fixed | Votes: | 0 |
Remaining Estimate: | Unknown | Time Spent: | Unknown |
Original Estimate: | Unknown |
Description |
When next build version is a script like <script>alert("hello")</script>, it should be sanitized, otherwise, the script will be executed.
|