PT-2020-21415 · Jingo · Jingo
Published
2020-09-01
·
Updated
2020-09-01
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
jingo versions prior to 1.9.2
Description
The issue allows for Cross-Site Scripting (XSS) attacks. If malicious input, such as
<script>alert(1)</script>, is placed in the content of a wiki page, the input is not properly encoded and is executed instead of being rendered as text.Recommendations
Upgrade to version 1.9.2
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jingo