ICEfaces
  1. ICEfaces
  2. ICE-11372

SECURITY: Potential 'eval' injection risk in gmap.js

    Details

    • Type: Improvement Improvement
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: EE-1.8.2.GA_P09
    • Fix Version/s: EE-1.8.2.GA_P10
    • Component/s: Bridge
    • Labels:
      None
    • Environment:
      Any

      Description

      After some recent work regarding potential eval injection risks in ICEfaces 3.3 and 4.2, our ICEfaces 1.8.2 code should be surveyed for other potentially dangerous uses of the eval() function, and those uses should be refactored to avoid using the eval function().

        Activity

        Repository Revision Date User Message
        ICEsoft Public SVN Repository #52042 Mon Oct 30 19:49:32 MDT 2017 art.zambrano ICE-11372 refactored potentially dangerous uses of the eval() function to avoid using it
        Files Changed
        Commit graph MODIFY /icefaces/trunk/icefaces/bridge/lib/extras/gmap.js
        Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/gmap/GMapMarker.java

          People

          • Assignee:
            Arturo Zambrano
            Reporter:
            Arturo Zambrano
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: