Details

    • Type: Regression Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 6.1.0 CE RC1
    • Fix Version/s: --Sprint 12/11, 6.1.0 CE RC1
    • Component/s: Dynamic Data Lists
    • Labels:
    • Environment:
      Tomcat 7.0.21 + MySQL 5.5. 6.1.x Revision 88367.

      Description

      1. Go to Control Panel&Dynamic Date Lists.
      2. Add a new List or Data Definition with malicious Name and Description and like "<script>alert("xss")</script>".

        Issue Links

          Activity

          No work has yet been logged on this issue.

            People

            • Assignee:
              mark.jin Mark Jin (Inactive)
              Reporter:
              mark.jin Mark Jin (Inactive)
              Participants of an Issue:
              Recent user:
              Randy Zhu (Inactive)
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:
                Days since last comment:
                5 years, 25 weeks, 4 days ago

                Development

                  Subcomponents