You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@ofbiz.apache.org by "Deepak Dixit (JIRA)" <ji...@apache.org> on 2019/06/04 10:46:00 UTC
[jira] [Updated] (OFBIZ-11090) Html escaping missing for renderLink
parameters
[ https://issues.apache.org/jira/browse/OFBIZ-11090?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Deepak Dixit updated OFBIZ-11090:
---------------------------------
Attachment: OFBIZ-11090.patch
> Html escaping missing for renderLink parameters
> -----------------------------------------------
>
> Key: OFBIZ-11090
> URL: https://issues.apache.org/jira/browse/OFBIZ-11090
> Project: OFBiz
> Issue Type: Bug
> Affects Versions: 17.12.01, 16.11.05, Upcoming Branch, 18.12.01
> Reporter: Deepak Dixit
> Assignee: Deepak Dixit
> Priority: Major
> Attachments: OFBIZ-11090.patch
>
>
> Html escaping missing for renderLink parameters. Parameters should be escaped to avoid Cross Site Scripting.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)