[ https://issues.apache.org/jira/browse/HAWQ-190?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15038492#comment-15038492 ]
ASF GitHub Bot commented on HAWQ-190: ------------------------------------- Github user hornn closed the pull request at: https://github.com/apache/incubator-hawq/pull/151 > XSS: Reflected: Invalid PathResource.java: Ln 99, 107 > ----------------------------------------------------- > > Key: HAWQ-190 > URL: https://issues.apache.org/jira/browse/HAWQ-190 > Project: Apache HAWQ > Issue Type: Bug > Components: PXF, Security > Reporter: Goden Yao > Assignee: Goden Yao > > The method sendErrorMessage() in InvalidPathResource.java sends unvalidated > data to a web browser on line 107, which can result in the browser executing > malicious code. -- This message was sent by Atlassian JIRA (v6.3.4#6332)