ID: 12826
Title: Fix reflected XSS using the on page search
Component: Multisite
Level: 1
Class: Security fix
Version: 2.1.0i1
The on page search could be used to trigger a reflected XSS attack. It was
possible to execute arbitrary javascript code in the context of the user
clicking on the reset button of the on page search.
Show replies by date