[ https://issues.apache.org/jira/browse/FELIX-3010?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Carsten Ziegeler resolved FELIX-3010. ------------------------------------- Resolution: Fixed The pid and filter pid is now filtered against invalid characters Changed in revision 1147461 > XSS in Felix Web Console > ------------------------ > > Key: FELIX-3010 > URL: https://issues.apache.org/jira/browse/FELIX-3010 > Project: Felix > Issue Type: Bug > Components: Web Console > Affects Versions: webconsole-3.1.8 > Reporter: Lars Krapf > Assignee: Carsten Ziegeler > Labels: console, felix, xss > Fix For: webconsole-3.1.10 > > > http://localhost:4502/system/console/configMgr/%3Cscript%3Ealert(23);%3C/script%3E -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira