[
http://jira.undersunconsulting.com/browse/OFBIZ-559?page=comments#action_13938 ]
Jacques Le Roux commented on OFBIZ-559:
---------------------------------------
Yes Marco,
Please feel free to do it.We can't close eyes on such issues...
I will close it after.
Thanks
> Cross Site Scripting Vulnerability (XSS)
> ----------------------------------------
>
> Key: OFBIZ-559
> URL:
http://jira.undersunconsulting.com/browse/OFBIZ-559> Project: [OFBiz] Open For Business
> Type: Bug
> Reporter: Oliver Lietz
> Assignee: Jira Administrator
>
>
> *Very* simple test:
> /ecommerce/control/keywordsearch?SEARCH_STRING=<script>alert("XSS");</script>
> Other components beside ecommerce are also affected.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.undersunconsulting.com/secure/Administrators.jspa-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
Locked
