[Product Description]
Joget DX is an open source platform to easily build enterprise web apps for cloud and mobile.
[Details]
The data table generated by the Datalist table module was vulnerable to stored cross-site scripting (XSS). If the application allows a user to submit input that is displayed in this table, the input data is collected. Joget DX then displays the collected data without escaping it, so any JavaScript in the data is executed in the browser.
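The missing output escaping described above, sketched as an added example (not Joget DX code and not part of the original advisory): the same table rendered without and with HTML encoding of stored values. All function names and the sample rows are constructed for illustration.

```javascript
// Hypothetical names throughout; none of these are Joget DX APIs.

// Encode the characters that let text break out of an HTML text node or attribute value.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return (value == null ? '' : String(value)).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Shared table builder; `encode` is applied to every header label and cell value.
function renderTable(columns, rows, encode) {
  const head = columns.map((c) => `<th>${encode(c.label)}</th>`).join('');
  const body = rows
    .map((row) => `<tr>${columns.map((c) => `<td>${encode(row[c.name])}</td>`).join('')}</tr>`)
    .join('');
  return `<table><thead><tr>${head}</tr></thead><tbody>${body}</tbody></table>`;
}

// Behaviour described in the advisory: stored values are written into the page as-is.
const renderRowsUnescaped = (columns, rows) =>
  renderTable(columns, rows, (v) => (v == null ? '' : String(v)));

// Corrected behaviour: every stored value is HTML-encoded at output time.
const renderRowsEscaped = (columns, rows) => renderTable(columns, rows, escapeHtml);

// Constructed sample data: the second row holds markup submitted through a form.
const columns = [{ name: 'name', label: 'Name' }, { name: 'comment', label: 'Comment' }];
const rows = [
  { name: 'Alice', comment: 'Approved & closed' },
  { name: 'Bob', comment: '<script>alert(1)</script>' },
  { name: 'Carol', comment: null },
];

// Regression check: true when a stored value containing markup characters
// appears verbatim (unencoded) in the rendered HTML.
function leaksRawMarkup(html, data) {
  return data.some((row) =>
    Object.values(row).some(
      (v) => typeof v === 'string' && /[<>"']/.test(v) && html.includes(v)));
}

console.log('unescaped leaks markup:', leaksRawMarkup(renderRowsUnescaped(columns, rows), rows));
console.log('escaped leaks markup:  ', leaksRawMarkup(renderRowsEscaped(columns, rows), rows));
```

The same check can run in a test suite against any list view that displays user-submitted fields, so a column added later without encoding is caught before release.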
[Impact]
Execution of malicious web script or HTML in the victim's web browser.
[Affected component]