You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jackrabbit.apache.org by "Tobias Bocanegra (JIRA)" <ji...@apache.org> on 2016/05/16 19:11:12 UTC
[jira] [Assigned] (JCRVLT-117) Potential XSS problem in
org.apache.jackrabbit.vault.util.HtmlProgressListener
[ https://issues.apache.org/jira/browse/JCRVLT-117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tobias Bocanegra reassigned JCRVLT-117:
---------------------------------------
Assignee: Tobias Bocanegra
> Potential XSS problem in org.apache.jackrabbit.vault.util.HtmlProgressListener
> ------------------------------------------------------------------------------
>
> Key: JCRVLT-117
> URL: https://issues.apache.org/jira/browse/JCRVLT-117
> Project: Jackrabbit FileVault
> Issue Type: Bug
> Reporter: Tobias Bocanegra
> Assignee: Tobias Bocanegra
>
> the {{org.apache.jackrabbit.vault.util.HtmlProgressListener}} should escape the arguments before it streams them to the stream. the users of the progress listener should not care about the intended output medium.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)