OFBiz OFBiz - Notifications

[jira] [Created] (OFBIZ-11090) Html escaping missing for renderLink parameters

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Nicolas Malin (Jira)
Reply | Threaded
Open this post in threaded view
|

[jira] [Created] (OFBIZ-11090) Html escaping missing for renderLink parameters

Nicolas Malin (Jira)
Deepak Dixit created OFBIZ-11090:
------------------------------------

             Summary: Html escaping missing for renderLink parameters
                 Key: OFBIZ-11090
                 URL: https://issues.apache.org/jira/browse/OFBIZ-11090
             Project: OFBiz
          Issue Type: Bug
    Affects Versions: 16.11.05, 17.12.01, Upcoming Branch, 18.12.01
            Reporter: Deepak Dixit
            Assignee: Deepak Dixit


Html escaping missing for renderLink parameters. Parameters should be escaped to avoid Cross Site Scripting.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
Free forum by Nabble Edit this page