XSS in studio course updates and page title

6 views

Skip to first unread message

Ayman Al Kurdi

unread,

Apr 24, 2018, 1:03:47 PM4/24/18

to General Open edX discussion

I just noticed you can enter XSS code as a course update in the CMS <script> and it will show on the LMS for the users. This also happen if you want to add a new page to the course

Does anyone have a fix? This is a big issue for us

Thanks

Reply all

Reply to author

Forward

0 new messages