XSS issue in application select permission editor ------------------------------------------------- Key: GTNPORTAL-2090 URL: https://issues.jboss.org/browse/GTNPORTAL-2090 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Reporter: Khoi Nguyen 1/ Create new group with label is <script>alert(1)</script> 2/ Go to application, an alert appear The problem is that the script in group label is executed in permission selector window -- This message is automatically generated by JIRA. For more information on JIRA, see: http://www.atlassian.com/software/jira