As part of a penetration test done by a third party on a customer environment, it was found that by adding JavaScript into the ‘Subnet Name’ field, the JavaScript would trigger
when adding the network to an instance and then loading a network trunk.
The user needs permissions to create a network and edit an instance for this to trigger.
See attached screenshots for more details.
This is susceptible to a Cross-Site Scripting (XSS) vulnerability.
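
The class of bug reported above, shown as an added example that is not code from the affected dashboard or from the report: a subnet name stored as-is and later concatenated into HTML when a trunk's subnet list is rendered, beside the same rendering with output encoding. The function names, the row markup and the sample subnets are assumptions constructed for illustration.

```javascript
// Added example: hypothetical helpers, not the affected project's code.

// Constructed sample data: the second subnet name carries markup,
// standing in for the JavaScript entered in the 'Subnet Name' field.
const subnets = [
  { id: "subnet-1", name: "backend" },
  { id: "subnet-2", name: '<script>alert("xss")</script>' },
];

// Vulnerable pattern: the user-controlled name is concatenated into HTML,
// so the browser parses it as markup when the row is inserted into the page.
function renderRowUnsafe(subnet) {
  return '<tr data-id="' + subnet.id + '"><td>' + subnet.name + "</td></tr>";
}

// Encode the characters that are significant in HTML text and in
// quoted attribute values.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hardened pattern: every interpolated field is encoded at output time,
// so the stored name is displayed as text instead of being executed.
function renderRowSafe(subnet) {
  return '<tr data-id="' + escapeHtml(subnet.id) + '"><td>' +
         escapeHtml(subnet.name) + "</td></tr>";
}

// Regression check usable in a unit test: did a script tag survive rendering?
function containsRawScriptTag(html) {
  return /<script\b/i.test(html);
}

for (const s of subnets) {
  console.log("unsafe:", renderRowUnsafe(s));
  console.log("safe:  ", renderRowSafe(s));
}
```

Encoding at output time covers names already stored before the fix; input validation on the name field is a complement to it.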