This repository was archived by the owner on May 10, 2024. It is now read-only.
This repository was archived by the owner on May 10, 2024. It is now read-only.
Improper localization sanitation #1
Description
Failure to sanitize "location","First Name", "last Name", & "Bio" Fields, in Mingle "Account" page; allows an attacker, or any user to inject malicious HTML code and performing a presisitent XSS attack against other users. failure to sanitize the "subject" field in the "Messages" section allows an attacker to perform a stored XSS attack against any user of his choice.