- Group Documents
- This plugin is prone to a cross site scripting vulnerability, because “Display name” and “Description” fields are not escaped.
- Update the plugin.
Type XSS (Cross Site Scripting)
OWASP Top 10 A3: Cross Site Scripting (XSS)
- Name CVE-N/A
Fixed In 1.2.2
- Disclosure date
- Tom Adams