How hard is it to sanitise the locator element in WMS exceptions? That 
would fix this new XSS vulnerability found by a third-party security audit:
https://jira.codehaus.org/browse/GEOS-6632

On 29/08/14 01:22, Andrea Aime wrote:
> I'm going to try and have a look at the WMS cascading issue, it's the
> only one I have on the radar

-- 
Ben Caradoc-Davies <[email protected]>
Software Engineer
CSIRO Mineral Resources Flagship
Australian Resources Research Centre

------------------------------------------------------------------------------
Slashdot TV.  
Video for Nerds.  Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
Geoserver-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/geoserver-devel

Reply via email to