From jira-events at lists.jboss.org Mon Sep 12 06:23:26 2011 Content-Type: multipart/mixed; boundary="===============0023768525175297020==" MIME-Version: 1.0 From: Khoi Nguyen (JIRA) To: gatein-issues at lists.jboss.org Subject: [gatein-issues] [JBoss JIRA] Created: (GTNPORTAL-2090) XSS issue in application select permission editor Date: Mon, 12 Sep 2011 06:23:26 -0400 Message-ID: <956177706.38645.1315823006186.JavaMail.tomcat@jira02.app.mwc.hst.phx2.redhat.com> --===============0023768525175297020== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable XSS issue in application select permission editor ------------------------------------------------- Key: GTNPORTAL-2090 URL: https://issues.jboss.org/browse/GTNPORTAL-2090 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Reporter: Khoi Nguyen 1/ Create new group with label is 2/ Go to application, an alert appear = The problem is that the script in group label is executed in permission sel= ector window -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira =20 --===============0023768525175297020==-- From jira-events at lists.jboss.org Mon Oct 3 06:22:26 2011 Content-Type: multipart/mixed; boundary="===============5627928426023060631==" MIME-Version: 1.0 From: Trong Tran (JIRA) To: gatein-issues at lists.jboss.org Subject: [gatein-issues] [JBoss JIRA] Resolved: (GTNPORTAL-2090) XSS issue in application select permission editor Date: Mon, 03 Oct 2011 06:22:26 -0400 Message-ID: <895096104.93859.1317637346499.JavaMail.tomcat@jira02.app.mwc.hst.phx2.redhat.com> In-Reply-To: 956177706.38645.1315823006186.JavaMail.tomcat@jira02.app.mwc.hst.phx2.redhat.com --===============5627928426023060631== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable [ https://issues.jboss.org/browse/GTNPORTAL-2090?page=3Dcom.atlassian.= jira.plugin.system.issuetabpanels:all-tabpanel ] Trong Tran resolved GTNPORTAL-2090. ----------------------------------- Assignee: Khoi Nguyen Fix Version/s: 3.2.0-M02 Resolution: Done > XSS issue in application select permission editor > ------------------------------------------------- > > Key: GTNPORTAL-2090 > URL: https://issues.jboss.org/browse/GTNPORTAL-2090 > Project: GateIn Portal > Issue Type: Bug > Security Level: Public(Everyone can see) = > Reporter: Khoi Nguyen > Assignee: Khoi Nguyen > Labels: XSS, worked > Fix For: 3.2.0-M02 > > > 1/ Create new group with label is > 2/ Go to application, an alert appear = > The problem is that the script in group label is executed in permission s= elector window -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira =20 --===============5627928426023060631==--