Stored XSS Vulnerability
I believe to have found a Stored XSS Vulnerability in RosarioSIS. I decided not to go into any specifics here (yet). I would appreciate it if you could get back to me with your preferred way of talking about this, because I couldn't find any information on how to talk about security related issues.
For completeness' sake:
- The RosarioSIS version is the latest one (commit 6549919d)
- PHP version: 7.2.13
- PostgreSQL version: 10.6
- Server: Apache 2.4.29 (Ubuntu)
- Browser: Mozilla Firefox 64.0 (Ubuntu)
Regards