You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by "Benedikt Ritter (JIRA)" <ji...@apache.org> on 2015/04/03 12:30:52 UTC

[jira] [Commented] (IO-474) veracode scan points cross site scripting vulnerability at org/.../commons/io/FileUtils.java 2095.

    [ https://issues.apache.org/jira/browse/IO-474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14394285#comment-14394285 ] 

Benedikt Ritter commented on IO-474:
------------------------------------

Please provide some more information. What exactly is the problem? How can an attacker exploit Commons IO for an attack. Can you provide a test showing the problem?

>  veracode scan points cross site scripting vulnerability at org/.../commons/io/FileUtils.java 2095. 
> ----------------------------------------------------------------------------------------------------
>
>                 Key: IO-474
>                 URL: https://issues.apache.org/jira/browse/IO-474
>             Project: Commons IO
>          Issue Type: Bug
>    Affects Versions: 2.4
>         Environment: Linux
>            Reporter: Ananth 
>
> We use commons-io-2.4.jar. Recently our veracode scan points cross site scripting vulnerability at org/.../commons/io/FileUtils.java 2095. Do we have a recent version that addresses this issue



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)