[magnolia-dev] [JIRA] (MGNLSTK-1105) Most of values in FTL templates should be escaped - port to master

on behalf of Roman Kovařík Tue, 26 Feb 2013 23:53:49 -0800

Change By:	Roman Kovařík (27/Feb/13 8:51 AM)
Fix Version/s:	2.5
Fix Version/s:	2.0.9
Description:	# Open some web page -> Page Info -> enter # Enter for * Headline/Navigation Title/Site Title * some XSS . # Save -> save. XSS exploit # others A lot of other templates with the same problem.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

----------------------------------------------------------------
For list details, see: http://www.magnolia-cms.com/community/mailing-lists.html
Alternatively, use our forums: http://forum.magnolia-cms.com/
To unsubscribe, E-mail to: <[email protected]>
----------------------------------------------------------------

[magnolia-dev] [JIRA] (MGNLSTK-1105) Most of values in FTL templates should be escaped - port to master

Reply via email to