[JIRA] Commented: (OFBIZ-559) Cross Site Scripting Vulnerability (XSS)

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[JIRA] Commented: (OFBIZ-559) Cross Site Scripting Vulnerability (XSS)

JIRA jira@ofbiz.org
     [ http://jira.undersunconsulting.com/browse/OFBIZ-559?page=comments#action_13933 ]
     
Marco Risaliti commented on OFBIZ-559:
--------------------------------------

Can I move to it to the new jira issue server ?

Thanks
Marco

> Cross Site Scripting Vulnerability (XSS)
> ----------------------------------------
>
>          Key: OFBIZ-559
>          URL: http://jira.undersunconsulting.com/browse/OFBIZ-559
>      Project: [OFBiz] Open For Business
>         Type: Bug
>     Reporter: Oliver Lietz
>     Assignee: Jira Administrator

>
>
> *Very* simple test:
> /ecommerce/control/keywordsearch?SEARCH_STRING=<script>alert("XSS");</script>
> Other components beside ecommerce are also affected.

--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://jira.undersunconsulting.com/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira