You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Benedikt Ritter (JIRA)" <ji...@apache.org> on 2015/04/03 12:30:52 UTC
[jira] [Commented] (IO-474) veracode scan points cross site
scripting vulnerability at org/.../commons/io/FileUtils.java 2095.
[ https://issues.apache.org/jira/browse/IO-474?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14394285#comment-14394285 ]
Benedikt Ritter commented on IO-474:
------------------------------------
Please provide some more information. What exactly is the problem? How can an attacker exploit Commons IO for an attack. Can you provide a test showing the problem?
> veracode scan points cross site scripting vulnerability at org/.../commons/io/FileUtils.java 2095.
> ----------------------------------------------------------------------------------------------------
>
> Key: IO-474
> URL: https://issues.apache.org/jira/browse/IO-474
> Project: Commons IO
> Issue Type: Bug
> Affects Versions: 2.4
> Environment: Linux
> Reporter: Ananth
>
> We use commons-io-2.4.jar. Recently our veracode scan points cross site scripting vulnerability at org/.../commons/io/FileUtils.java 2095. Do we have a recent version that addresses this issue
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)