$smarty.request - opens door for XSS if not escaped
$smarty.request.varname if embedded in template without escaping will open door for XSS.
Reference: http://lists.vtigercrm.com/pipermail/vtigercrm-developers/2023-May/041133.html
Welcome to Vtiger Community. To gain access for account, please contact [ community @ vtiger.com ]
$smarty.request.varname if embedded in template without escaping will open door for XSS.
Reference: http://lists.vtigercrm.com/pipermail/vtigercrm-developers/2023-May/041133.html
Copyright 2023 Vtiger. All rights reserved.