Cross-Site Scripting (XSS) vulnerability
-----------------------------------------
Key: JS2-656
URL: https://issues.apache.org/jira/browse/JS2-656
Project: Jetspeed 2
Issue Type: Bug
Components: Components Core
Affects Versions: 2.1
Reporter: Ate Douma
Assigned To: Ate Douma
Priority: Blocker
Fix For: 2.1
A Cross-Site Scripting vulnerability was found for Jetspeed allowing anXXS Url
attack like the following:
http://localhost:8080/jetspeed/portal/pages/default-page.psml/%22%3e%3cscript%3ealert(%27XSS%20test%27)%3c/script%3e
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
