Hi,

I did a Find Security Bugs scan for one of my projects which uses
commons-fileupload. The tool reports that the code segment below is suspicious
for Tainted filename read.

String fileName = item.getName();

Could someone tell me whether there is protection against that in the
commons-fileupload implementation itself? Or do users have to manually check
and validate the file name?

Thanks
Thusitha
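
One way to handle the name returned by item.getName() as untrusted client input before it reaches the filesystem, shown as an added example that is not part of the original message or of commons-fileupload. The class and method names, the "uploads" directory and the allow-list policy are assumptions made for illustration.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.regex.Pattern;

public class UploadNameCheck {
    // Assumed policy for this example: letters, digits, dot, dash, underscore; 1-100 chars.
    private static final Pattern SAFE = Pattern.compile("[A-Za-z0-9._-]{1,100}");

    /** Reduces a client-supplied name to its last path segment and checks it against the allow-list. */
    static String safeName(String clientName) {
        if (clientName == null) {
            throw new IllegalArgumentException("missing file name");
        }
        // Some clients send a full path; cut at both separators regardless of the server OS.
        int cut = Math.max(clientName.lastIndexOf('/'), clientName.lastIndexOf('\\'));
        String base = clientName.substring(cut + 1);
        // Rejects NUL bytes, spaces, "..", dot-files and anything else outside the allow-list.
        if (!SAFE.matcher(base).matches() || base.startsWith(".")) {
            throw new IllegalArgumentException("rejected file name");
        }
        return base;
    }

    /** Resolves the checked name under uploadDir and confirms the result stays inside it. */
    static Path resolveInside(Path uploadDir, String clientName) {
        Path root = uploadDir.toAbsolutePath().normalize();
        Path target = root.resolve(safeName(clientName)).normalize();
        if (!target.startsWith(root)) {
            throw new IllegalArgumentException("path escapes upload directory");
        }
        return target;
    }

    public static void main(String[] args) {
        Path dir = Paths.get("uploads"); // hypothetical upload directory
        // Constructed sample values standing in for what item.getName() could return.
        String[] samples = {"report.pdf", "C:\\Users\\a\\photo.png", "../../etc/passwd", "..", "a\u0000.txt"};
        for (String s : samples) {
            try {
                System.out.println("stored as: " + resolveInside(dir, s));
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

The first three samples are stored under the upload directory by base name only (report.pdf, photo.png, passwd); the last two are rejected.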
