[
https://issues.apache.org/jira/browse/VCL-808?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Karl Vollmer updated VCL-808:
-----------------------------
Description:
put in HTML/Javascript for a users first name, it makes it into the database
and is displayed and executed on the web interface
Example: ./vcld -setup
Add user with a firstname of "<b>Bol</b>"
Lookup the user on the web interface
was:
put in HTML/Javascript for a users first time, at least it isn't displayed on
the web interface, but it makes it into the database.
Example: ./vcld -setup
Add user with a firstname of "<b>Bol</b>"
Lookup the user on the web interface
> vcld allows user values that contain HTML which is not cleaned on web
> interface
> -------------------------------------------------------------------------------
>
> Key: VCL-808
> URL: https://issues.apache.org/jira/browse/VCL-808
> Project: VCL
> Issue Type: Improvement
> Components: vcld (backend)
> Affects Versions: 2.3.2
> Reporter: Karl Vollmer
>
> put in HTML/Javascript for a users first name, it makes it into the database
> and is displayed and executed on the web interface
> Example: ./vcld -setup
> Add user with a firstname of "<b>Bol</b>"
> Lookup the user on the web interface
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
