[gatein-issues] [JBoss JIRA] Created: (GTNPORTAL-2090) XSS issue in application select permission editor
Khoi Nguyen (JIRA)
jira-events at lists.jboss.org
Mon Sep 12 06:23:26 EDT 2011
XSS issue in application select permission editor
-------------------------------------------------
Key: GTNPORTAL-2090
URL: https://issues.jboss.org/browse/GTNPORTAL-2090
Project: GateIn Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Reporter: Khoi Nguyen
1/ Create new group with label is <script>alert(1)</script>
2/ Go to application, an alert appear
The problem is that the script in group label is executed in permission selector window
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the gatein-issues
mailing list