XSS in Countdown Timer

Description

A cross-site scripting (XSS) vulnerability has been identified in the Countdown macro parameter

Affected versions:

  • version < 1.7.0


Acknowledgement:
We would like to acknowledge Roman Ferdigg from SEC Consult for reporting this vulnerability.

Environment

None
Fixed

Assignee

Stella

Reporter

Stella

Labels

None

Fix versions

Affects versions

Priority

Major
Configure