-
Type:
Bug
-
Status: Closed (View Workflow)
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: backlog
-
Fix Version/s: None
-
Sprint:3.7 Larks, 3.8 Larks
Steps to reproduce:
- Open profile page of user '><script>alert()</script>' http://qa.jtalks.org/jcommune/users/11448.
Actual result: script executes, pop-up window appears.
Expected result: script in username isn't executed.