[gatein-issues] [JBoss JIRA] Resolved: (GTNPORTAL-2090) XSS issue in application select permission editor
Trong Tran (JIRA)
jira-events at lists.jboss.org
Mon Oct 3 06:22:26 EDT 2011
[ https://issues.jboss.org/browse/GTNPORTAL-2090?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Trong Tran resolved GTNPORTAL-2090.
-----------------------------------
Assignee: Khoi Nguyen
Fix Version/s: 3.2.0-M02
Resolution: Done
> XSS issue in application select permission editor
> -------------------------------------------------
>
> Key: GTNPORTAL-2090
> URL: https://issues.jboss.org/browse/GTNPORTAL-2090
> Project: GateIn Portal
> Issue Type: Bug
> Security Level: Public(Everyone can see)
> Reporter: Khoi Nguyen
> Assignee: Khoi Nguyen
> Labels: XSS, worked
> Fix For: 3.2.0-M02
>
>
> 1/ Create new group with label is <script>alert(1)</script>
> 2/ Go to application, an alert appear
> The problem is that the script in group label is executed in permission selector window
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the gatein-issues
mailing list