You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@jspwiki.apache.org by "Florian Holeczek (JIRA)" <ji...@apache.org> on 2011/09/11 01:37:09 UTC
[jira] [Closed] (JSPWIKI-46) Attachment servlet performs unsafe
redirection
[ https://issues.apache.org/jira/browse/JSPWIKI-46?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Florian Holeczek closed JSPWIKI-46.
-----------------------------------
> Attachment servlet performs unsafe redirection
> ----------------------------------------------
>
> Key: JSPWIKI-46
> URL: https://issues.apache.org/jira/browse/JSPWIKI-46
> Project: JSPWiki
> Issue Type: Bug
> Components: Core & storage
> Affects Versions: 2.4.104, 2.5.139-beta
> Reporter: Janne Jalkanen
> Assignee: Janne Jalkanen
> Fix For: 2.6.0
>
>
> The attachment servlet performs a redirection based on data supplied by the end user without authorizing that this location is acceptable, leading to potential phishing attacks.
> (From Ounce)
--
This message is automatically generated by JIRA.
For more information on JIRA, see: http://www.atlassian.com/software/jira