On the "Available SOAP services page", I have an XSS injection problem. Ex : http://localhost:8080/webapp/services/<script>alert('XSS')</script>
This could be used against site using CXf for phishing. What do you recommend to prevent that problem? Thanks, Emeric -- View this message in context: http://cxf.547215.n5.nabble.com/XSS-flaw-in-Available-SOAP-services-page-tp3398847p3398847.html Sent from the cxf-user mailing list archive at Nabble.com.
