Cerebrate – Reflected XSS in form descriptions
CIRCL – Computer Incident Response Center Luxembourg
Update to Cerebrate version 1.5
An issue was discovered in Cerebrate through 1.4. genericForm allows reflected XSS in form descriptions via a user-controlled description.
Do you think the security of your data might be lacking? Let's find the best approach together.
Once you contact us, we will ask you about the project you want to secure.