You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@myfaces.apache.org by "Udo Schnurpfeil (JIRA)" <de...@myfaces.apache.org> on 2018/01/04 16:33:00 UTC
[jira] [Resolved] (TOBAGO-1839) Cross-site scripting (XSS)
vulnerability in jsoup before 1.8.3 - CVE-2015-6748
[ https://issues.apache.org/jira/browse/TOBAGO-1839?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Udo Schnurpfeil resolved TOBAGO-1839.
-------------------------------------
Resolution: Fixed
> Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3 - CVE-2015-6748
> ------------------------------------------------------------------------------
>
> Key: TOBAGO-1839
> URL: https://issues.apache.org/jira/browse/TOBAGO-1839
> Project: MyFaces Tobago
> Issue Type: Task
> Components: Core
> Affects Versions: 2.1.0, 3.0.6
> Reporter: Udo Schnurpfeil
> Assignee: Udo Schnurpfeil
> Fix For: 2.1.1, 4.1.0, 3.0.7
>
>
> Tobago uses jsoup by default. But the dependency can be updated to a newer version in the application which uses Tobago.
> The next releases should reference an updated version of jsoup.
> Current version is 1.11.2
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)