You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@ofbiz.apache.org by "Deepak Dixit (JIRA)" <ji...@apache.org> on 2019/06/04 10:46:00 UTC

[jira] [Updated] (OFBIZ-11090) Html escaping missing for renderLink parameters

     [ https://issues.apache.org/jira/browse/OFBIZ-11090?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Deepak Dixit updated OFBIZ-11090:
---------------------------------
    Attachment: OFBIZ-11090.patch

> Html escaping missing for renderLink parameters
> -----------------------------------------------
>
>                 Key: OFBIZ-11090
>                 URL: https://issues.apache.org/jira/browse/OFBIZ-11090
>             Project: OFBiz
>          Issue Type: Bug
>    Affects Versions: 17.12.01, 16.11.05, Upcoming Branch, 18.12.01
>            Reporter: Deepak Dixit
>            Assignee: Deepak Dixit
>            Priority: Major
>         Attachments: OFBIZ-11090.patch
>
>
> Html escaping missing for renderLink parameters. Parameters should be escaped to avoid Cross Site Scripting.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)