A cross-site scripting (XSS) issue in the login panel in Redwood Report2Web 4.3.4.5 and 4.5.3 allows remote attackers to inject JavaScript via the signIn.do urll parameter.
Recommendation
Update Redwood to the latest version.
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days