[ https://issues.apache.org/jira/browse/SOLR-1031?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Peter Wolanin updated SOLR-1031: -------------------------------- Attachment: SOLR-1031.patch > XSS vulnerability in schema.jsp (patch included) > ------------------------------------------------ > > Key: SOLR-1031 > URL: https://issues.apache.org/jira/browse/SOLR-1031 > Project: Solr > Issue Type: Bug > Components: web gui > Affects Versions: 1.2, 1.3 > Reporter: Paul Lovvik > Attachments: SchemaXSS.patch, SOLR-1031.patch > > > If javascript is embedded in any of the fields, it is possible for that > javascript to be executed when viewing the schema. > The javascript will appear in the "Top Terms" part of the UI. > I have created a simple patch to prevent this problem from occurring. -- This message is automatically generated by JIRA. - You can reply to this email to add a comment to the issue online.