id,summary,reporter,owner,description,type,status,priority,milestone,component,version,severity,resolution,keywords,cc,focuses 47910,Stored Xss,wildfighter0481,,"Description: XSS (Cross-Site Scripting) allows an attacker to execute a dynamic script (Javascript, VbScript) in the context of the application. This allows several different attack opportunities, mostly hijacking the current session of the user or changing the look of the page by changing the HTML on the fly to steal the user's credentials. This happens because the input entered by a user has been interpreted as HTML/Javascript/VbScript by the browser. Step To Reproduce: 1) Select theme from theme store i choose social-care-lite theme 2) Go to menus options and add menus 3) then change menus name to 4) publish page and refresh it 5) and execute xss",enhancement,closed,normal,,General,5.2.2,normal,invalid,,,