Issue Type: Task Task
Affects Versions: 1.0.0.CR1, 1.0.0
Assignee: Unassigned
Components: examples
Created: 28/Mar/13 3:42 AM
Description:

The todo app does not prevent xss.

Adding the following description to a task will demonstrate the issue:

<h1 onmouseover='alert(new Date())'>"Come on!"</h1>
<marquee><h2> dsssssd </h2></marquee>

Thanks to the person that did this on the https://todo-aerogear.rhcloud.com/, for providing this example.
Fix Versions: 1.future
Project: AeroGear
Priority: Major Major
Reporter: Daniel Bevenius
Security Level: Public (Everyone can see)
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira