[jira] [Resolved] (JCRVLT-117) Potential XSS problem in org.apache.jackrabbit.vault.util.HtmlProgressListener

Tobias Bocanegra (JIRA) Mon, 16 May 2016 12:28:17 -0700

     [ 
https://issues.apache.org/jira/browse/JCRVLT-117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Tobias Bocanegra resolved JCRVLT-117.
-------------------------------------
       Resolution: Fixed
    Fix Version/s: 3.1.28

fixed in r1744116

> Potential XSS problem in org.apache.jackrabbit.vault.util.HtmlProgressListener
> ------------------------------------------------------------------------------
>
>                 Key: JCRVLT-117
>                 URL: https://issues.apache.org/jira/browse/JCRVLT-117
>             Project: Jackrabbit FileVault
>          Issue Type: Bug
>            Reporter: Tobias Bocanegra
>            Assignee: Tobias Bocanegra
>             Fix For: 3.1.28
>
>
> the {{org.apache.jackrabbit.vault.util.HtmlProgressListener}} should escape 
> the arguments before it streams them to the stream. the users of the progress 
> listener should not care about the intended output medium.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (JCRVLT-117) Potential XSS problem in org.apache.jackrabbit.vault.util.HtmlProgressListener

Reply via email to