Published: 2019/03/05  Last Updated: 2019/03/05

Information from Security Roots Ltd

Vulnerability ID:JVN#40288903
Title:Dradis Community Edition and Dradis Professional Edition vulnerable to cross-site scripting

This is a statement from the vendor itself with no modification by JPCERT/CC.

We've now fixed the vuln and released:

- Dradis Community Edition v3.11.1
- Dradis Professional Edition v3.1.2

This vulnerability was independently identified by Ohji Kashiwazaki and Sabina Rzeźwicka.