input is not escaped in validation errors
------------------------------------------
Key: WICKET-3946
URL: https://issues.apache.org/jira/browse/WICKET-3946
Project: Wicket
Issue Type: Bug
Components: wicket-core
Affects Versions: 1.4.17
Reporter: Mikhail Fedko
hi,
when I add TextField<Integer>("field", Model.of(0), Integer.class)
and input inside field something like <script>alert('XSS')</script> the input
is not escaped, I just get
'' is not a valid Integer. + alert
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
