SS-2017-003: XSS in RedirectorPage

This site requires you to update your browser. Your browsing experience maybe affected by not having the most up to date version.

Severity:: Low (?)
Identifier:: SS-2017-003
Versions Affected:: 3.4.5 and below, 3.5.0 to 3.5.3
Versions Fixed:: 3.4.6, 3.5.4, 3.6.0
Release Date:: 2017-05-31

RedirectorPage will allow users to specify a non-url malicious script as the redirection path without validation. Users which follow this url may allow this script to execute within their browser.

Credit to Wester for reporting this issue.