You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tapestry.apache.org by "Christophe Cordenier (JIRA)" <ji...@apache.org> on 2010/09/06 08:57:32 UTC
[jira] Closed: (TAP5-1262) XSS vulnerability in calendar component
(apply to 5.1.0.x)
[ https://issues.apache.org/jira/browse/TAP5-1262?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Christophe Cordenier closed TAP5-1262.
--------------------------------------
Fix Version/s: 5.1.0.8
Resolution: Fixed
Patch applied to 5.1.0.x too
> XSS vulnerability in calendar component (apply to 5.1.0.x)
> ----------------------------------------------------------
>
> Key: TAP5-1262
> URL: https://issues.apache.org/jira/browse/TAP5-1262
> Project: Tapestry 5
> Issue Type: Bug
> Components: tapestry-core
> Affects Versions: 5.1.0.5
> Reporter: Christophe Cordenier
> Assignee: Christophe Cordenier
> Fix For: 5.1.0.8, 5.2.0
>
>
> The calendar component provided in tapestry 5.1.0.5 could be used to allow code injection by malicious web users into any page that uses datefield .
> To reproduce the vulnerability, put js code like <script>alert("T5 is great"); </script> in any datefield and click on the related calendar bitma
> After quick search in the DateField.js, it seems like the field value is not escaping
> escaping with a change like var value = escape($F(this.field)); the field value seems solve this vulnerability.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.