You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@jackrabbit.apache.org by "Tobias Bocanegra (JIRA)" <ji...@apache.org> on 2016/05/16 19:11:12 UTC

[jira] [Assigned] (JCRVLT-117) Potential XSS problem in org.apache.jackrabbit.vault.util.HtmlProgressListener

     [ https://issues.apache.org/jira/browse/JCRVLT-117?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Tobias Bocanegra reassigned JCRVLT-117:
---------------------------------------

    Assignee: Tobias Bocanegra

> Potential XSS problem in org.apache.jackrabbit.vault.util.HtmlProgressListener
> ------------------------------------------------------------------------------
>
>                 Key: JCRVLT-117
>                 URL: https://issues.apache.org/jira/browse/JCRVLT-117
>             Project: Jackrabbit FileVault
>          Issue Type: Bug
>            Reporter: Tobias Bocanegra
>            Assignee: Tobias Bocanegra
>
> the {{org.apache.jackrabbit.vault.util.HtmlProgressListener}} should escape the arguments before it streams them to the stream. the users of the progress listener should not care about the intended output medium.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)