[
https://issues.apache.org/jira/browse/JS2-1076?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ate Douma updated JS2-1076:
---------------------------
Affects Version/s: 2.1.4
Fix Version/s: 2.2.1
See also JS2-1075, part of the generated token key is based upon username,
which should be encoded first
> insecure redirector during login
> --------------------------------
>
> Key: JS2-1076
> URL: https://issues.apache.org/jira/browse/JS2-1076
> Project: Jetspeed 2
> Issue Type: Bug
> Components: Security
> Environment: all
> Reporter: radko keves
> Fix For: 2.1.4, 2.2.1
>
>
> /jetspeed/login/redirector?token
> token.getToken() added to redirector isn't encoded
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
