[#MGNLSD-175] Cross Site Scripting Vulnerability (XSS) in Search - Magnolia

Description:

Search for <script>alert('XSS')</script> and you see that the js code is executed. Please use the same fix as provided in the samples: ~~MAGNOLIA-590~~

relation

This issue is related to:
~~MAGNOLIA-590~~ Cross Site Scripting Vulnerability (XSS) in Search template

This issue is related to:
MAGNOLIA-2111 Cross Site Scripting Vulnerability (XSS): provide a filter which checks all provided parameters

Ascending order - Click to sort in descending order

Hide

Permalink

Tom Wespi added a comment - 15/Apr/08 9:11 AM

resolved in trunk

Show

Tom Wespi added a comment - 15/Apr/08 9:11 AM resolved in trunk

Magnolia Sitedesigner