[
https://issues.apache.org/jira/browse/HADOOP-6441?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12791234#action_12791234
]
Hudson commented on HADOOP-6441:
--------------------------------
Integrated in Hadoop-Common-trunk-Commit #118 (See
[http://hudson.zones.apache.org/hudson/job/Hadoop-Common-trunk-Commit/118/])
. Protect web ui from cross site scripting attacks (XSS) on
the host http header and using encoded utf-7. (omalley)
> Prevent remote CSS attacks in Hostname and UTF-7.
> -------------------------------------------------
>
> Key: HADOOP-6441
> URL: https://issues.apache.org/jira/browse/HADOOP-6441
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Reporter: Owen O'Malley
> Assignee: Owen O'Malley
> Fix For: 0.21.0
>
> Attachments: h-6441.20.patch, h-6441.patch
>
>
> There are currently vulnerabilities for CSS in Hadoop's Web UI that allow CSS
> attacks.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
