Details
Bug
Major
Description
A cross-site scripting attack is possible through the error message.
Activity
- All
- Comments
- History
- Activity
- Remote Attachments
- Subversion
| Repository | Revision | Date | User | Message |
| ICEsoft Public SVN Repository | #15022 | Wed Oct 24 16:55:06 MDT 2007 | ted.goddard | Error messages echoed to the browser should not contain user input ( |
| Files Changed | ||||
MODIFY
/icefaces/branches/icefaces-1.6/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/PathDispatcher.java
|
| Repository | Revision | Date | User | Message |
| ICEsoft Public SVN Repository | #14890 | Thu Oct 04 16:11:30 MDT 2007 | ted.goddard | Error messages echoed to the browser should not contain user input ( |
| Files Changed | ||||
|
MODIFY
/icefaces/trunk/icefaces/core/src/com/icesoft/faces/webapp/http/servlet/PathDispatcher.java
|