[jira] [Updated] (STANBOL-1320) Cross Site Scripting Vulnerability at Servlet Response

Sun, 06 Apr 2014 14:21:26 -0700 

     [ 
https://issues.apache.org/jira/browse/STANBOL-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Furkan KAMACI updated STANBOL-1320:
-----------------------------------

    Attachment: STANBOL-1320.patch

I've attached the path that escapes user supplied data.

> Cross Site Scripting Vulnerability at Servlet Response
> ------------------------------------------------------
>
>                 Key: STANBOL-1320
>                 URL: https://issues.apache.org/jira/browse/STANBOL-1320
>             Project: Stanbol
>          Issue Type: Bug
>            Reporter: Furkan KAMACI
>             Fix For: 1.0.0
>
>         Attachments: STANBOL-1320.patch
>
>
> Directly writing an HTTP parameter to Servlet output allows for a reflected 
> cross site scripting vulnerability.
> See http://en.wikipedia.org/wiki/Cross-site_scripting for more information.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Reply via email to