SS-2016-001: XSS in CMSController BackURL
- Severity: High (?)
- Identifier: SS-2016-001
- Versions Affected: 3.1.18, 3.2.3, 3.3.1
- Versions Fixed: 3.1.19, 3.2.4, 3.3.2
- Release Date: 2016-05-11
An XSS risk exists in the returnURL parameter passed to CMSSecurity/success. An unvalidated URL could redirect the user to an unverified third-party URL outside the site.
Credit: David Júlio for reporting.
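The defensive counterpart to the issue above, as an added example that is not SilverStripe's own code: a return URL is accepted only when it is a single-slash absolute path or an http(s) URL on the site's own host, and anything else (scheme-relative hosts, `javascript:` URLs, userinfo tricks, backslashes) falls back to a fixed default. The function names and the host `cms.example.test` are assumptions.

```php
<?php
// Added example, not SilverStripe project code. Accepts a user-supplied
// return URL only when it points back into this site; everything else is
// replaced by a fixed fallback. $siteHost is assumed to be the canonical
// host name the application is served from (constructed value below).

function isSafeReturnUrl(string $url, string $siteHost): bool
{
    // Control characters, whitespace and backslashes are never legitimate
    // here; browsers treat "\" as "/", which defeats naive prefix checks.
    if ($url === '' || preg_match('/[\x00-\x20\x7F\\\\]/', $url)) {
        return false;
    }
    $parts = parse_url($url);
    if ($parts === false) {
        return false;
    }
    if (isset($parts['scheme'])) {
        // Only http(s) with an explicit host; rejects javascript:, data:
        // and host-less forms such as "http:/path" that browsers re-parse.
        $scheme = strtolower($parts['scheme']);
        if (!in_array($scheme, ['http', 'https'], true) || !isset($parts['host'])) {
            return false;
        }
    }
    if (isset($parts['host'])) {
        // Covers scheme-relative "//evil.example" and "https://site@evil.example".
        if (isset($parts['user']) || isset($parts['pass'])) {
            return false;
        }
        return strcasecmp($parts['host'], $siteHost) === 0;
    }
    // No scheme, no host: must be a single-slash absolute path ("/admin/..."),
    // not "//..." which a browser reads as a different host.
    $path = $parts['path'] ?? '';
    return strlen($path) >= 1 && $path[0] === '/' && ($path[1] ?? '') !== '/';
}

function safeRedirectTarget(?string $requested, string $siteHost, string $fallback = '/admin/'): string
{
    return ($requested !== null && isSafeReturnUrl($requested, $siteHost)) ? $requested : $fallback;
}

// Constructed sample inputs checked against an assumed site host.
$host = 'cms.example.test';
foreach (['/admin/pages/edit/show/1', 'https://cms.example.test/admin/', '//evil.example/',
          'javascript:alert(1)', 'https://cms.example.test@evil.example/', '/\\evil.example'] as $u) {
    printf("%-40s -> %s\n", $u, safeRedirectTarget($u, $host));
}
```

Only the first two sample inputs survive the check; the other four are replaced by the fallback, which is the behaviour a fixed `CMSSecurity/success` handler needs before either redirecting to or rendering the parameter.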