XSS issues in wall portlet
Description
Discovered while testing
Activity

Samuel Kong July 3, 2012 at 12:57 AM (edited)
Committed on:
Plugins 6.1.x CE GIT ID: 20bfd780b6c616c9807141150435942e822de4a4.

EdG June 25, 2012 at 5:02 PM
Slated for inclusion in 6.1.1 CE GA2

Sharry Shi June 5, 2012 at 6:45 PM
PASSED Manual Testing following the steps in the description.
Fixed on:
Tomcat 7.0 + MySQL 5. Portal 6.0.x GIT ID: c51d8399f6f9ad39ba0eaea7e6b659c23978069e.
Plugins 6.0.x GIT ID: eacb947a888868eaa358784c712b9e96a36f380e.

Sharry Shi June 5, 2012 at 2:38 AM
Blocked by http://issues.liferay.com/browse/LPS-27753 while testing on Portal 6.0.x.

Sharry Shi June 5, 2012 at 2:36 AM (edited)
PASSED Manual Testing following the steps in the description.
Reproduced on:
Tomcat 7.0 + MySQL 5. Portal 6.1.0 CE GA1.
Plugins 6.1.0 CE GA1.
XSS issues in wall portlet.
Fixed on:
Tomcat 7.0 + MySQL 5. Portal 6.1.x.EE GIT ID: f3802589d23afcddb62ad6aa0c62b4c064736f7c
Plugins 6.1.x.EE GIT ID: 78d6dcb08b05b6d4f585adc048533bf72d1c84da.
Tomcat 7.0 + MySQL 5. Portal 6.2.x GIT ID: d1bf3f0dcb8733fdead77464844c830d518c195a.
Plugins 6.2.x GIT ID: 08530e81a4073af8e4097bbedd6528130c25d716.
No XSS issues in wall portlet.
Details
Assignee: Sharry Shi (Deactivated)
Reporter: Amos Fong
Labels:
Branch Version/s: 6.1.x, 6.0.x
Backported to Branch: Committed
Fix Priority: 3
Git Pull Request:
Components:
Fix versions:
Affects versions:
Priority: Medium

1. Add wall portlet
2. Post on friend's wall
3. Change FIRST name to '"><script>alert('xss');</script>
4. View wall portlet as the friend
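
The first-name value in step 3 starts with `'">`, so it breaks out of a quoted attribute as well as element text. The added example below is not Liferay's code and not the fix from the commits listed above, which this page does not show. It renders a hypothetical wall entry with and without output escaping and parses the result to check whether a `script` element was created. The function names and the markup are assumptions made for illustration.

```python
import html
from html.parser import HTMLParser

# First-name value from step 3 of the reproduction steps.
PAYLOAD = "'\"><script>alert('xss');</script>"

# Hypothetical wall-entry markup: the name appears in an attribute and in text.
TEMPLATE = ('<div class="wall-entry"><img alt="%s" src="/portrait.png">'
            '<span class="user-name">%s</span><p>%s</p></div>')


def render_wall_entry_unsafe(first_name, message):
    # "Before" behaviour: user-controlled values are written out unescaped.
    return TEMPLATE % (first_name, first_name, message)


def render_wall_entry_safe(first_name, message):
    # Escape &, <, > and both quote characters so the value stays data
    # in the attribute context and in the element-text context.
    name = html.escape(first_name, quote=True)
    return TEMPLATE % (name, name, html.escape(message, quote=True))


class _TagCollector(HTMLParser):
    """Records the start tags a parser sees in the rendered markup."""

    def __init__(self):
        super().__init__()
        self.tags = []

    def handle_starttag(self, tag, attrs):
        self.tags.append(tag)


def parsed_tags(markup):
    collector = _TagCollector()
    collector.feed(markup)
    collector.close()
    return collector.tags


def injects_script(markup):
    # Regression check: did the rendered entry gain a script element?
    return "script" in parsed_tags(markup)
```
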