Impact
A logged in admin user was possible to add a script injection (XSS) in the collection title which was executed.
Patches
The problem should be patched in 1.6.40.
Workarounds
Manual patching the js files.
For more information
If you have any questions or comments about this advisory:'
Impact
A logged in admin user was possible to add a script injection (XSS) in the collection title which was executed.
Patches
The problem should be patched in 1.6.40.
Workarounds
Manual patching the js files.
For more information
If you have any questions or comments about this advisory:'