ICEfaces
  1. ICEfaces
  2. ICE-2184

fortify scan PathDispatcher Cross Site Scripting

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.7DR#1
    • Fix Version/s: 1.6.2, 1.7DR#2, 1.7
    • Component/s: Framework
    • Labels:
      None
    • Environment:
      ICEfaces

      Description

      A cross-site scripting attack is possible through the error message.

        Activity

        Hide
        Ted Goddard added a comment -

        svn merge -r 13642:14890 ../../../trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/PathDispatcher.java core/src/com/icesoft/faces/webapp/http/servlet/PathDispatcher.java

        Show
        Ted Goddard added a comment - svn merge -r 13642:14890 ../../../trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/PathDispatcher.java core/src/com/icesoft/faces/webapp/http/servlet/PathDispatcher.java

          People

          • Assignee:
            Unassigned
            Reporter:
            Ted Goddard
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: