Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Major
Fix Version/s: 1.1.7
Affects Version/s: 1.1.4
Labels:
None

Template:
Acceptance criteria:

Empty

show more show less

Search for <script>alert('XSS')</script> and you see that the js code is executed. Please use the same fix as provided in the samples: ~~MAGNOLIA-590~~

Acceptance criteria

is related to

MAGNOLIA-590 Cross Site Scripting Vulnerability (XSS) in Search template

Closed

MAGNOLIA-2111 Cross Site Scripting Vulnerability (XSS): provide a filter which checks all provided parameters

Closed

Assignee:: Tom Wespi

Reporter:: Philipp Bärfuss

Votes:: 0 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 14/Apr/08 1:12 PM

Updated:: 05/Aug/15 3:30 PM

Resolved:: 10/Jul/08 10:43 PM

Date of First Response:: 15/Apr/08 9:11 AM

Details

Description

Checklists

Attachments

Issue Links

Activity

People

Dates