Title: Message Title
| |
|
|
| Issue Type: |
![Bug]() Bug |
| Affects Versions: |
2.8.1 |
| Assignee: |
Unassigned |
| Components: |
WFS |
| Created: |
20/May/16 10:28 AM |
| Environment: |
Linux Redhat 6, running in Tomcat 6.0.45 Container |
| Priority: |
![Medium]() Medium |
| Reporter: |
Steve Reed |
|
| Reflected Cross Site Scripting Vulnerability in GeoServer TestWfsPost Service Potentially malicious content can be injected into the post request and is reflected unchanged in the response which may then be actioned in the client browser. The value of the url request parameter can be altered and submitted e.g
Example URL
http://localhost:8080/geoserver/TestWfsPost?form_hf_0=&url=""> |
|
|
|
| |
|
|
------------------------------------------------------------------------------
Mobile security can be enabling, not merely restricting. Employees who
bring their own devices (BYOD) to work are irked by the imposition of MDM
restrictions. Mobile Device Manager Plus allows you to control only the
apps on BYO-devices by containerizing them, leaving personal data untouched!
https://ad.doubleclick.net/ddm/clk/304595813;131938128;j
_______________________________________________
Geoserver-devel mailing list
Geoserver-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/geoserver-devel
