You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
An XSS payload can be injected in a page title and executed via the search results. While the title is properly escaped in both the navigation links and the actual page title, it is not the case in the search results.
Patches
Commit a57d9af fixes this vulnerability by properly escaping the text content displayed in the search results.
jtapsl Analyst
Impact
An XSS payload can be injected in a page title and executed via the search results. While the title is properly escaped in both the navigation links and the actual page title, it is not the case in the search results.
Patches
Commit a57d9af fixes this vulnerability by properly escaping the text content displayed in the search results.