Project

General

Profile

Actions
Copy link

BUG #4240

open

BUG #4247: [SQA][MODULE] Agency Profile Setup

BUG #4249: [SQA]: Functional >> Agency Profile Setup

[SQA] Agency Profile Edit Primary Contact: Role/Designation field allows HTML/JS input

Added by Aman Bhuiyan 2 months ago. Updated 29 days ago.

Status:
Complete
Priority:
Medium
Assignee:
Aman Bhuiyan
Target version:
sprint 04
Start date:
02/03/2026
Due date:
% Done:

100%

Estimated time:
Spent time:
1:00 h

Description

Description

Module/Section: Agency Profile → Edit Primary Contact
Profile: Agency
Issue Category: Functional

On the Edit Primary Contact modal, the Role/Designation input field lacks input validation and sanitization, allowing users to enter HTML or JavaScript tags.
This is a security risk and may cause XSS vulnerabilities or incorrect data storage.

Steps to Reproduce

  1. Navigate to the Agency Profile page.
  2. Open the Add Primary Contact or Edit Primary Contact modal.
  3. Enter HTML/JS tags (e.g., <script>alert(1)</script> or <b>test</b>) in the Role/Designation field.
  4. Save the changes.

Expected Result

The Role/Designation field should sanitize or reject HTML/JavaScript tags and accept only valid text input.

Actual Result

The field allows HTML/JS tags to be entered without restriction.

Root Cause

To be filled

Impacted Area

To be filled

Attachments

Additional Info

  • Tested By: Aman
Actions
Copy link
 #1

Updated by Ayat Rahman 2 months ago

  • Parent task set to #4249
Actions
Copy link
 #2

Updated by Ayat Rahman about 2 months ago

  • Assignee changed from Ayat Rahman to Aman Bhuiyan
  • % Done changed from 0 to 100
Actions
Copy link
 #3

Updated by Aman Bhuiyan 29 days ago

  • Status changed from Pending to Complete
Actions
Copy link

Also available in: Atom PDF