|
|
Author: jleroux
Revision: 1692357
Modified property: svn:log
Modified: svn:log at Fri Apr 8 19:52:32 2016
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Fri Apr 8 19:52:32 2016
@@ -1 +1,2 @@
The description attribute of the display-entity element is now escaped to prevent the risk of an XSS attack.
+[CVE-2015-3268] Stored Cross-Site Scripting Vulnerability affecting the description attribute of the display-entity element because it was not escaped.
|
Locked
