]
Trong Tran resolved GTNPORTAL-2090.
-----------------------------------
Assignee: Khoi Nguyen
Fix Version/s: 3.2.0-M02
Resolution: Done
XSS issue in application select permission editor
-------------------------------------------------
Key: GTNPORTAL-2090
URL:
https://issues.jboss.org/browse/GTNPORTAL-2090
Project: GateIn Portal
Issue Type: Bug
Security Level: Public(Everyone can see)
Reporter: Khoi Nguyen
Assignee: Khoi Nguyen
Labels: XSS, worked
Fix For: 3.2.0-M02
1/ Create new group with label is <script>alert(1)</script>
2/ Go to application, an alert appear
The problem is that the script in group label is executed in permission selector window
--
This message is automatically generated by JIRA.
For more information on JIRA, see: