Hi ,
Currently we are checking on Cross-site scripting protection filter on backoffice and smartedit. It works with normal input fields. But when I try to insert scripts in csv and use it to upload a product , the script gets saved. This is definetely a potential vulnerability which we want to avoid.
Any ideas how to achieve this or is it planned in any future hybris releases??
thanks ,
Shabana
Bluesky
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.