[
https://issues.apache.org/jira/browse/WW-4765?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15935774#comment-15935774
]
Lukasz Lenart commented on WW-4765:
-----------------------------------
[~quaff] that was a developer's fault :( And to avoid such problems in the
future I'm changing APIs around text translations (i.e. {{TextProvider}},
{{LocalizedTextUtils}}, etc)
> Remove all TextParseUtil.translateVariables(message, valueStack) from
> LocalizedTextUtil
> ---------------------------------------------------------------------------------------
>
> Key: WW-4765
> URL: https://issues.apache.org/jira/browse/WW-4765
> Project: Struts 2
> Issue Type: Improvement
> Components: Core
> Reporter: zhouyanming
> Priority: Critical
>
> Some messages are origin from client which could be malicious, We must close
> this door. recent S2-045 S2-046 was sufferer.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
