Cross Site Scripting Vulnerability (XSS)
----------------------------------------
Key: OFBIZ-260
URL: http://issues.apache.org/jira/browse/OFBIZ-260
Project: OFBiz (The Open for Business Project)
Issue Type: Bug
Components: ecommerce
Affects Versions: SVN trunk
Reporter: Marco Risaliti
*Very* simple test:
/ecommerce/control/keywordsearch?SEARCH_STRING=<script>alert("XSS");</script>
Other components beside ecommerce are also affected.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
