[
https://issues.apache.org/jira/browse/OPENMEETINGS-793?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13768140#comment-13768140
]
SebastianWagner commented on OPENMEETINGS-793:
----------------------------------------------
But it is really quite complex, as you do not want to parse out too much. I
would rather prefer usage of an existing library then something written from
scratch.
> Possibility of Code Injection Vulnerability found.
> --------------------------------------------------
>
> Key: OPENMEETINGS-793
> URL: https://issues.apache.org/jira/browse/OPENMEETINGS-793
> Project: Openmeetings
> Issue Type: Bug
> Environment: flash version 11.2.202.243 , mozilla firefox, linux
> Reporter: rahul bhola
> Priority: Critical
> Attachments: 1.png, 2.png
>
>
> Code injection vulnerability. I was using flash version 11.2.202.243 and OM
> hosted at http://demo.dataved.ru/openmeetings/ . there is a possibility of
> code injection in chat room. I was able to pass javascript code to the
> browser engine in mozilla firefox (linux)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
