AbstractTextComponent not escaping html data by default therefore user text is 
not redisplayed correctly
--------------------------------------------------------------------------------------------------------

                 Key: WICKET-4505
                 URL: https://issues.apache.org/jira/browse/WICKET-4505
             Project: Wicket
          Issue Type: Bug
          Components: wicket
    Affects Versions: 1.5.5
            Reporter: Jean-Philippe Boudreault


User input is not escaped in all text fields by default.

This leads to user-entered text not being redisplayed correctly, and it also 
makes those text fields vulnerable to XSS.

* You can replicate using the project from WICKET-3330.
* Just enter the text my½companyname and press enter
* The field will not redisplay the text entered properly
