Project

General

Profile

Actions
Copy link

BUG #4208

open

BUG #4247: [SQA][MODULE] Agency Profile Setup

BUG #4249: [SQA]: Functional >> Agency Profile Setup

[SQA] Agency Profile: Legal Name field allows unsafe input and triggers abnormal popup

Added by Aman Bhuiyan 2 months ago. Updated 29 days ago.

Status:
Complete
Priority:
High
Assignee:
Aman Bhuiyan
Target version:
sprint 04
Start date:
02/03/2026
Due date:
% Done:

100%

Estimated time:

Description

Description

Module/Section: Agency Profile → Edit Agency Legal Name
Profile: Agency
Issue Category: Functional

On the Edit Agency Legal Name modal, the Legal Name input field lacks proper input sanitization.
Entering malicious HTML or script tags results in an unexpected or abnormal popup, indicating unsafe input is not being handled correctly.

This behavior poses potential security and stability risks.

Steps to Reproduce

  1. Navigate to the Agency Profile page.
  2. Open the Edit Agency Legal Name option.
  3. Enter malicious input such as <script>alert(1)</script> in the input field.
  4. Attempt to save the changes.
  5. Observe the popup behavior.

Expected Result

The Agency Legal Name field should:

  • Sanitize or reject unsafe input
  • Prevent submission of HTML/script tags
  • Avoid triggering abnormal popups

Actual Result

  • The field accepts unsafe input
  • An unexpected popup appears when saving, indicating improper input handling

Attachments

Impact Area:

Root Cause:

Additional Info

  • Tested By: Aman
Actions
Copy link

Also available in: Atom PDF