If this is a web application, be sure you've read this: http://wiki.apache.org/velocity/BuildingSecureWebApplications
On Tue, Jul 1, 2008 at 5:21 PM, Tom Jenkins <[EMAIL PROTECTED]> wrote: > Hello all, > We just had to submit one of our applications to a security audit by a third > party. They flagged about 15 velocity classes after running it through > their black box. I'm not 100% sure of the validity of some of these flags. > Is there some place I can discuss the issues? Or perhaps someone directly? > > Thanks > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
