History | Log In     View a printable version of the current page.  
   HOME       BROWSE PROJECT       FIND ISSUES       PLANNING BOARD       TASK BOARD   
    QUICK SEARCH:  
Issue Details (XML | Word | Printable)

Key: DOTCMS-2809
Type: Bug Bug
Status: Released Released
Resolution: Released
Priority: Major Major
Assignee: Testing User
Reporter: Maria Bouza
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
dotCMS

XSS as Parameters and fix regex utils

Created: June 09, 2009 11:05 AM   Updated: August 12, 2009 6:44 PM  Due: 8/12/08
Component/s: a. Unknown
Affects Version/s: None
Fix Version/s: 1.7a

Time Tracking:
Original Estimate: 1 hour
Original Estimate - 1 hour
Remaining Estimate: 1 hour
Remaining Estimate - 1 hour
Time Spent: Not Specified
Remaining Estimate - 1 hour

Issue Links:
Cloners


 Description  « Hide
please test and fix the following

for example view in IE:

http://demo.dotcms.org/"><script>alert(097531);</script>/

We have a method in utilmethods to handle this. We can handle it at the top of the velocity servlet

 All   Comments   Work Log   Change History   Subversion Commits   FishEye      Sort Order: Ascending order - Click to sort in descending order
There are no comments yet on this issue.

Powered by a free Atlassian JIRA open source license for dotCMS. Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.12.3-#302) - Bug/feature request - Atlassian news - Contact Administrators