[jira] Updated: (TRINIDAD-1868) cross-site scripting vulnerability using adfv

Gary VanMatre (JIRA) Tue, 27 Jul 2010 11:01:51 -0700

     [ 
https://issues.apache.org/jira/browse/TRINIDAD-1868?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Gary VanMatre updated TRINIDAD-1868:
------------------------------------

    Status: Patch Available  (was: Open)

> cross-site scripting vulnerability using __adfv__
> -------------------------------------------------
>
>                 Key: TRINIDAD-1868
>                 URL: https://issues.apache.org/jira/browse/TRINIDAD-1868
>             Project: MyFaces Trinidad
>          Issue Type: Bug
>    Affects Versions:  1.2.11-core,  1.2.12-core, 2.0.0.3-core
>            Reporter: Gary VanMatre
>
> Cross-Site Scripting vulnerability. Using a simple JSF Page with __ADFv__ in
> the URL and some JavaScript results in the rendering and execution of the
> JavaScript in the user's web browser.
> Needs fixed in the following branches: 
> * 1.2.11.1-branch
> * 1.2.12.3-branch
> * trunk

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.

[jira] Updated: (TRINIDAD-1868) cross-site scripting vulnerability using __adfv__

Reply via email to

[jira] Updated: (TRINIDAD-1868) cross-site scripting vulnerability using adfv