[ https://issues.apache.org/jira/browse/OPENMEETINGS-793?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13768140#comment-13768140 ]
SebastianWagner commented on OPENMEETINGS-793: ---------------------------------------------- But it is really quite complex, as you do not want to parse out too much. I would rather prefer usage of an existing library then something written from scratch. > Possibility of Code Injection Vulnerability found. > -------------------------------------------------- > > Key: OPENMEETINGS-793 > URL: https://issues.apache.org/jira/browse/OPENMEETINGS-793 > Project: Openmeetings > Issue Type: Bug > Environment: flash version 11.2.202.243 , mozilla firefox, linux > Reporter: rahul bhola > Priority: Critical > Attachments: 1.png, 2.png > > > Code injection vulnerability. I was using flash version 11.2.202.243 and OM > hosted at http://demo.dataved.ru/openmeetings/ . there is a possibility of > code injection in chat room. I was able to pass javascript code to the > browser engine in mozilla firefox (linux) -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira