[ http://jira.undersunconsulting.com/browse/OFBIZ-559?page=comments#action_13933 ] Marco Risaliti commented on OFBIZ-559: --------------------------------------
Can I move to it to the new jira issue server ? Thanks Marco > Cross Site Scripting Vulnerability (XSS) > ---------------------------------------- > > Key: OFBIZ-559 > URL: http://jira.undersunconsulting.com/browse/OFBIZ-559 > Project: [OFBiz] Open For Business > Type: Bug > Reporter: Oliver Lietz > Assignee: Jira Administrator > > > *Very* simple test: > /ecommerce/control/keywordsearch?SEARCH_STRING=<script>alert("XSS");</script> > Other components beside ecommerce are also affected. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.undersunconsulting.com/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
