Donald Kwakkel created CMIS-943:
-----------------------------------
Summary: Hardcoded Domain in HTML in repository.jsp
Key: CMIS-943
URL: https://issues.apache.org/jira/browse/CMIS-943
Project: Chemistry
Issue Type: Bug
Components: opencmis-client
Affects Versions: OpenCMIS 0.13.0
Reporter: Donald Kwakkel
The file repository.jsp references a script using a hardcoded domain name on
line 27. If attackers compromise the domain, they will have malicious code on
this page.
Recommendation:
Keep control over the code your web pages invoke. Do not include scripts or
other artifacts from third-party sites.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
