Search found 6188 matches
- 10 Apr 2024, 08:41
- Forum: Bug Report version 3.5.3
- Topic: SQL Injection in Users Login Log
- Replies: 2
- Views: 121
Re: SQL Injection in Users Login Log
To find any XSS, SQL Injection etc, please login as not admin user. I did not add any protection for admin user. Because admin can add own PHP, JS, HTML code for app.
- 10 Apr 2024, 08:39
- Forum: Bug Report version 3.5.3
- Topic: Stored Cross-Site Scripting (XSS) in users_alerts
- Replies: 3
- Views: 84
Re: Stored Cross-Site Scripting (XSS) in users_alerts
As I said before vulnerability - if not admin user can add something like this . There is PHP code and JS code field type and ADMIN user can add any code there too. And this is not vulnerability too, because this is how app works. Admin can add own custom code for app. So to find any XSS, please log...
- 10 Apr 2024, 08:36
- Forum: Bug Report version 3.5.3
- Topic: Stored Cross-Site Scripting (XSS) in configuration/custom_html
- Replies: 3
- Views: 62
Re: Stored Cross-Site Scripting (XSS) in configuration/custom_html
But you are admin and app allows you add any code. It's all your responsibility.
Vulnerability - if not admin user can add something like this.
Vulnerability - if not admin user can add something like this.
- 10 Apr 2024, 08:33
- Forum: Discussion
- Topic: Export PDF
- Replies: 1
- Views: 52
Re: Export PDF
Word to PDF is problematic. To all settings can be used in php to create PDF.
Use HTML template to generate PDF. It will be better formatted.
Use HTML template to generate PDF. It will be better formatted.
- 09 Apr 2024, 18:02
- Forum: Bug Report version 3.4.4
- Topic: Related entity - add record action can't add multiple related records
- Replies: 1
- Views: 77
Re: Related entity - add record action can't add multiple related records
First update to 3.5, please. If error will be exist, I will check.
- 09 Apr 2024, 17:59
- Forum: Bug Report version 3.5.3
- Topic: Stored Cross-Site Scripting (XSS) in users_alerts
- Replies: 3
- Views: 84
Re: Stored Cross-Site Scripting (XSS) in users_alerts
Anton, this is not vulnerability. As administrator you can add own php/js/html code for app. This is not bug or vulnerability.
- 09 Apr 2024, 17:58
- Forum: Bug Report version 3.5.3
- Topic: Stored Cross-Site Scripting (XSS) in configuration/custom_html
- Replies: 3
- Views: 62
Re: Stored Cross-Site Scripting (XSS) in configuration/custom_html
Anton, this is not vulnerability. As administrator you can add own php/js/html code for app. This is not bug or vulnerability.
- 09 Apr 2024, 07:33
- Forum: Bug Report version 3.5.3
- Topic: stored XSS (Cross-site scripting) vulnerability
- Replies: 3
- Views: 126
- 08 Apr 2024, 19:43
- Forum: Discussion
- Topic: Data base error
- Replies: 2
- Views: 50
Re: Data base error
Go to calendar report and remove reports with empty entity.
- 08 Apr 2024, 19:38
- Forum: Bug Report version 3.5.3
- Topic: stored XSS (Cross-site scripting) vulnerability
- Replies: 3
- Views: 126
Re: stored XSS (Cross-site scripting) vulnerability
Thank you. Will be fixed in 3.5.3