[ https://issues.apache.org/jira/browse/CONNECTORS-1597?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16802984#comment-16802984 ]
Karl Wright commented on CONNECTORS-1597: ----------------------------------------- Please give more details. Bear in mind that ManifoldCF does not execute any Javascript, so offhand I find this hard to believe. > reflected cross-site scripting vulnerability > -------------------------------------------- > > Key: CONNECTORS-1597 > URL: https://issues.apache.org/jira/browse/CONNECTORS-1597 > Project: ManifoldCF > Issue Type: Improvement > Components: API > Affects Versions: ManifoldCF 2.12 > Reporter: roel goovaerts > Priority: Minor > > As a result from a pen test, a reflected cross-site scripting vulnerability > was discovered -- This message was sent by Atlassian JIRA (v7.6.3#76005)