Details
Description
Problem Statement : potential Script execution(XSS Attack & Cross Side Scripting ) in Share Document UI
Reproduction Steps :
Create an user "Test" in Hue by belew steps
Log in and click Admin -> Manage Users
Click a Username, click Step 2, and enter Test as username and give
><script>alert()</script
for first and last name. Click Update user
Now go to Document Page
Right-click on a document and click Share. Type 'Test'
you will find the script executed and alert displayed .