Son Tran created GTNPORTAL-2834: ----------------------------------- Summary: XSS when edit page title Key: GTNPORTAL-2834 URL: https://issues.jboss.org/browse/GTNPORTAL-2834 Project: GateIn Portal Issue Type: Bug Security Level: Public (Everyone can see) Affects Versions: 3.5.0.Final Reporter: Son Tran Priority: Minor Steps to reproduce: - Login as root - Go to Page Management portlet - Edit a page > View page properties > Change title of page to "<script>alert('hello')</script>" - Click save - Click finish - Refresh page -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira