[jira] [Resolved] (STANBOL-1320) Cross Site Scripting Vulnerability at Servlet Response

Rupert Westenthaler (JIRA) Tue, 15 Apr 2014 04:32:26 -0700

     [ 
https://issues.apache.org/jira/browse/STANBOL-1320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Rupert Westenthaler resolved STANBOL-1320.
------------------------------------------

    Resolution: Fixed

fixed with http://svn.apache.org/r1587525 in 0.12 and 
http://svn.apache.org/r1587527 in trunk.

thx Furkan for the patch

> Cross Site Scripting Vulnerability at Servlet Response
> ------------------------------------------------------
>
>                 Key: STANBOL-1320
>                 URL: https://issues.apache.org/jira/browse/STANBOL-1320
>             Project: Stanbol
>          Issue Type: Bug
>            Reporter: Furkan KAMACI
>            Assignee: Rupert Westenthaler
>             Fix For: 1.0.0
>
>         Attachments: STANBOL-1320.patch
>
>
> Directly writing an HTTP parameter to Servlet output allows for a reflected 
> cross site scripting vulnerability.
> See http://en.wikipedia.org/wiki/Cross-site_scripting for more information.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

[jira] [Resolved] (STANBOL-1320) Cross Site Scripting Vulnerability at Servlet Response

Reply via email to