Java Template defaults to opening up a XSS vulnerability
--------------------------------------------------------
Key: WW-3608
URL: https://issues.apache.org/jira/browse/WW-3608
Project: Struts 2
Issue Type: Bug
Components: Plugin - Java Templates
Reporter: Dustin Digmann
The following components do not escape input by default on submission:
FileHandler, HiddenHandler, PasswordHandler, ResetHandler, SelectHandler,
SubmitHandler, and TextFieldHandler. This opens up an XSS vulnerability by
default.
They currently do something like:
.addIfExists("value", params.get("nameValue"), false)
instead of:
.addIfExists("value", params.get("nameValue"), true)
I vote it defaults to escaping. Having an attribute added to toggle it would
be nice too.
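To make the difference between the two calls concrete, here is an added, self-contained illustration (not the plugin's own code). It uses a hypothetical `Attributes` stand-in that mirrors only the `addIfExists(name, value, escape)` shape quoted in the report, a small HTML attribute escaper, and a constructed submitted value that would otherwise close the quoted `value` attribute. The real `org.apache.struts2.views.java.Attributes` class does more than this.

```java
import java.util.LinkedHashMap;
import java.util.Map;

// Added example: a simplified stand-in for the Java Templates attribute
// builder. Not the plugin's code; only the addIfExists(name, value, escape)
// signature from the report is mirrored here.
public class EscapingDemo {

    // Minimal escaper for text placed inside a double-quoted HTML attribute.
    // Each of these characters can end the attribute or start new markup.
    static String escapeHtml(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '&':  sb.append("&amp;");  break;
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    static class Attributes {
        private final Map<String, String> attrs = new LinkedHashMap<>();

        // Third argument decides whether the value is escaped before it is
        // written into the tag; this is the flag the report is about.
        Attributes addIfExists(String name, Object value, boolean escape) {
            if (value != null) {
                String s = String.valueOf(value);
                attrs.put(name, escape ? escapeHtml(s) : s);
            }
            return this;
        }

        // Safe default: escape unless a caller explicitly opts out.
        Attributes addIfExists(String name, Object value) {
            return addIfExists(name, value, true);
        }

        String render(String tag) {
            StringBuilder sb = new StringBuilder("<").append(tag);
            for (Map.Entry<String, String> e : attrs.entrySet()) {
                sb.append(' ').append(e.getKey())
                  .append("=\"").append(e.getValue()).append('"');
            }
            return sb.append("/>").toString();
        }
    }

    // Review check: every attribute value in the rendered tag must be free of
    // raw double quotes, otherwise submitted text has left the attribute.
    static boolean attributeValuesIntact(String rendered) {
        int quotes = 0;
        for (char c : rendered.toCharArray()) {
            if (c == '"') quotes++;
        }
        // Two quotes per attribute, so the count must be even and each value
        // must not itself contain a quote; the escaper guarantees the latter.
        return quotes % 2 == 0 && !rendered.contains("\"\"" + " ");
    }

    public static void main(String[] args) {
        // Constructed sample submission: the value closes the attribute and
        // smuggles in a second one. Any user-controlled field could carry this.
        Map<String, Object> params = new LinkedHashMap<>();
        params.put("name", "user");
        params.put("nameValue", "x\" injected=\"1");

        // Before: escape=false, the default the report describes.
        String unsafe = new Attributes()
                .addIfExists("type", "text", false)
                .addIfExists("name", params.get("name"), false)
                .addIfExists("value", params.get("nameValue"), false)
                .render("input");

        // After: escape=true, the quote becomes &quot; and stays inside value="...".
        String safe = new Attributes()
                .addIfExists("type", "text")
                .addIfExists("name", params.get("name"))
                .addIfExists("value", params.get("nameValue"))
                .render("input");

        System.out.println(unsafe); // <input type="text" name="user" value="x" injected="1"/>
        System.out.println(safe);   // <input type="text" name="user" value="x&quot; injected=&quot;1"/>
    }
}
```

The point of the two renderings is that the browser parses the unescaped output as four attributes, one of them attacker-chosen, while the escaped output is a single `value` attribute whose text happens to contain a quote. Escaping by default and requiring an explicit `false` to opt out, as the report proposes, means a handler author has to make a deliberate decision to emit raw submitted text.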