Hide Forgot
project_key: JBEPP JBEPP-598 is already fixed. But when the firstname or lastname contains script, it's executed on 2 more places: - dashboard (logo portlet contains user's fullname) - organization portlet - when the user is added at group using search dialog Steps to reproduce: - register new user with <script>alert('test')</script> at firstname or lastname 1) sign in as new user, click Dashboard - script is executed at logo portlet 2) sign in as root, go to Users management, Group man., select some group, click "Select User" Search icon - script is executed at Select User dialog
Link: Added: This issue is related to JBQA-4617
Link: Added: This issue is related to JBEPP-598
Release Notes Docs Status: Added: Not Required
Security: Removed: RHT+eXo Added: Public