[Security] Stored XSS in user fields

Tested version: latest

Steps to reproduce the vulnerability:

- Login in the application.
- Click on Direct messages.
- Click on Add a new user.
- Fill all the possible fields with payload `"<script>alert(document.domain)</script>` and save.
- XSS will fire whenever user info is reflected in page.

![Screenshot from 2023-03-25 16-32-27](https://user-images.githubusercontent.com/35783570/227726956-a340115b-05e7-486a-aa08-49c4edd1d3c0.png)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Security] Stored XSS in user fields #10

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Security] Stored XSS in user fields #10

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions