CMS MADE SIMPLE FORGE

Form Builder

 
Back Back to List

[#12673] Unable to submit forms returns XSS Attempt error every time

avatar
Created By: Kevin WIlkinson (SpectrumWebProducts)
Date Submitted: Fri Dec 08 06:29:43 -0500 2023

Assigned To:
Version: 1.2
CMSMS Version: 2.2.18
Severity: Critical
Resolution: None
State: Open
Summary:
Unable to submit forms returns XSS Attempt error every time
Detailed Description:
I have come across this on all versions of CMSMS 2.2.16 onwards and Form Builder
versions 1.1.1 and 1.2

Forms mostly but not always submit successfully when using Chrome and FB 1.1.1,
but all attempts using Edge & Safari return XSS Attempt error.

Sometimes it seems to be fixed by forcing HTTPS (ie form won't send if your
session is in HTTP), but nothing works for 1.2 on Edge or Safari, submit fails
every time.

I have reverted all my sites to using version 1.1 which works fine.


History

Comments
avatar 
Date: 2024-05-03 02:46
Posted By: vincent haakman (vhaakman)

Same here, but unfortunately downgrading to 1.1 doesnt seem to help. Any help is
welcome.
avatar 
Date: 2024-05-03 03:21
Posted By: vincent haakman (vhaakman)

UPDATE: Adding a CSFR token seems to solve the problem (see FB module help)
Updates

Updated: 2023-12-08 06:30
resolution_id: => 5
severity_id: 2 => 1