[magnolia-dev] [JIRA] (MGNLFORM-243) HTML is escaped in form fields resulting in HTML characters in passwords (and other fields) ending up in JCR in their escaped form

JIRA (on behalf of Federico Grilli) Fri, 12 Sep 2014 03:37:16 -0700

Change By:	Federico Grilli (12/Sep/14 12:31 PM)
Summary:	Consider XSS attacks HTML is escaped in AdminCentral form fields resulting in HTML characters in passwords ( and re-think XSS impl other fields) ending up in Form module JCR in their escaped form

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <dev-list-unsubscr...@magnolia-cms.com>
----------------------------------------------------------------

[magnolia-dev] [JIRA] (MGNLFORM-243) HTML is escaped in form fields resulting in HTML characters in passwords (and other fields) ending up in JCR in their escaped form

Reply via email to