@admin any update?

Please allow for our automated notification system to contact the maintainer. Once the report has gone stale, feel free to get in touch again and we will personally reach out to the maintainers.

Please modify the report to include the following sub-reports you created.

https://huntr.dev/bounties/6fc958d2-ec3b-4319-ac4a-eccec03908bb/ https://huntr.dev/bounties/b9c50ca6-99d5-48d4-ba2c-f5c50179aa3a/

These reports are the same and should cover that XSS is allowed in input fields. A separate report for each input field is unwarranted.

@maintainer Done I have modified the report now can you please validate it.

@maintainer also please give permission to admin to register a CVE for this report

@admin Can you assign a CVE for this report?

We can assign a CVE if the maintainer is happy for one to be assigned and published.

@maintainer - thoughts?

@maintainer @polonel Can you please reply?

@researcher Thank you for your report. No fix has been made yet and this report will get updated when a fix is pushed to master. Please be patient. I am a solo dev working on Trudesk as a hobby. Sometimes it takes weeks for these things to get resolved. Bombarding me with emails and report update requests will not speed this process up. As always with OSS, pull requests are always welcome. Thanks.

@maintainer @polonel I am not asking about a fix actually I am asking that can you please give permission to admin to assign a CVE number to this report.

@sampritdas8 - please stop spamming the comments section. Once the maintainer has confirmed a fix, we can see about assigning and publishing a CVE. Please be patient.

If further spamming continues in the comments section, action will be taken against your account.

Fix has been pushed to master and released in version 1.2.0 CVE can be assigned and published.

@admin Maintainer has given permission now can you please register CVE for this report?

Sorted 👍