By entering a malicious code, an attacker can gain informations about someone's account.
Steps to reproduce:
1. You need an Account Manager ( + a Premium account);
2. Go to Overviews - > Account Manager;
3. Go to the Troops tab;
4. Click on Manage Templates;
5. In the template name field insert
and then click on Create new template;
6. Go to one of your villages and at the bottom of the page, on the Account Manager tab, click on Edit. This should take you to the Account Manager Overview where an XSS alert should pop.
Reproduction rate (Every time? Sometimes?):
It works every time.
Browser and Version:
I am using Mozzila Firefox, 33.1.1 (latest version)
Visual Reference if available (Screenshot) please put them in a spoiler.: