This repository has been archived by the owner on Jan 24, 2021. It is now read-only.

Cross-Site Scripting (XSS) on OOB Registration Page #122

Open
mbtomlin opened this issue Jan 31, 2020 · 1 comment

@mbtomlin

I've been made aware of a Cross-Site Scripting (XSS) vulnerability on the oob registration button. The partial URL is Account/Login/Register?returnUrl=%2F

Has anyone else experienced this? If so, is it hard to fix or should I just roll my own registration page?
Thanks.

@amervitz
Contributor

A fix contributed to this project would be ideal. If you'd like to discuss the specifics of the issue before making changes, please write to me via the LinkedIn profile I have listed in my GitHub profile. This will help to avoid publicly disclosing anything potentially sensitive prior to a fix being available.
