ICEfaces
  1. ICEfaces
  2. ICE-11372

SECURITY: Potential 'eval' injection risk in gmap.js

          Details

          • Type: Improvement Improvement
          • Status: Closed
          • Priority: Major Major
          • Resolution: Fixed
          • Affects Version/s: EE-1.8.2.GA_P09
          • Fix Version/s: EE-1.8.2.GA_P10
          • Component/s: Bridge
          • Labels:
            None
          • Environment:
            Any

            Description

            After some recent work regarding potential eval injection risks in ICEfaces 3.3 and 4.2, our ICEfaces 1.8.2 code should be surveyed for other potentially dangerous uses of the eval() function, and those uses should be refactored to avoid using the eval function().

              Activity

              Repository Revision Date User Message
              ICEsoft Public SVN Repository #52042 Mon Oct 30 19:49:32 MDT 2017 art.zambrano ICE-11372 refactored potentially dangerous uses of the eval() function to avoid using it
              Files Changed
              Commit graph MODIFY /icefaces/trunk/icefaces/bridge/lib/extras/gmap.js
              Commit graph MODIFY /icefaces/trunk/icefaces/component/src/com/icesoft/faces/component/gmap/GMapMarker.java

                People

                • Assignee:
                  Arturo Zambrano
                  Reporter:
                  Arturo Zambrano
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: