[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12707673#action_12707673 ] Sam Hamilton commented on OFBIZ-1959: - I am out of the office with no access to email

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12700543#action_12700543 ] David E. Jones commented on OFBIZ-1959: --- Thanks for your review Michele. I'm not

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12700137#action_12700137 ] Jacques Le Roux commented on OFBIZ-1959: Thanks for you help Michele! Multiple

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12675948#action_12675948 ] Michele Orru commented on OFBIZ-1959: - Hi David, Hi Jacques Here I've found another

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12675958#action_12675958 ] Michele Orru commented on OFBIZ-1959: - Anyway...The hackaton idea is not bad! I really

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12675505#action_12675505 ] David E. Jones commented on OFBIZ-1959: --- I forgot to mention, my last changes are in

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12675503#action_12675503 ] David E. Jones commented on OFBIZ-1959: --- Thanks for your comments Michele. I took a

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12675005#action_12675005 ] Jacques Le Roux commented on OFBIZ-1959: Hi Michele, I'm not sure what to do,

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12675037#action_12675037 ] Michele Orru commented on OFBIZ-1959: - Hi Jacques. The steps are easy: 1. log in to

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12675054#action_12675054 ] Jacques Le Roux commented on OFBIZ-1959: Thanks Michele, I did not try yet but yes

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12674572#action_12674572 ] Michele Orru commented on OFBIZ-1959: - Hi David, Hi Jaques. I'm analyzing your patches

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12674013#action_12674013 ] Michele Orru commented on OFBIZ-1959: - Hi Jacques Sorry to come here in the discussion

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12674048#action_12674048 ] Jacques Le Roux commented on OFBIZ-1959: Hi Michele, Yes it was done with ESAPI.

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12673494#action_12673494 ] Jacques Le Roux commented on OFBIZ-1959: Hi Michele, Could you please check, with

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12630874#action_12630874 ] BJ Freeman commented on OFBIZ-1959: --- I don't see any thing relative to ofbiz in this post

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12630879#action_12630879 ] Michele Orru commented on OFBIZ-1959: - Of course I tested all of them on Ofbiz, and the

[jira] Commented: (OFBIZ-1959) Multiple Security Issues (XSRF, XSS, Session Hijacking): exploitation and mitigation

[ https://issues.apache.org/jira/browse/OFBIZ-1959?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=12630897#action_12630897 ] BJ Freeman commented on OFBIZ-1959: --- Look forward to you patches. :D Multiple Security