Details

    • Type: Regression Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 6.1.0 CE RC1
    • Fix Version/s: --Sprint 12/11, 6.1.0 CE RC1
    • Component/s: Dynamic Data Lists
    • Labels:
    • Environment:
      Tomcat 7.0.21 + MySQL 5.5. 6.1.x Revision 88367.

      Description

      1. Go to Control Panel&Dynamic Date Lists.
      2. Add a new List or Data Definition with malicious Name and Description and like "<script>alert("xss")</script>".

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                mark.jin Mark Jin (Inactive)
                Reporter:
                mark.jin Mark Jin (Inactive)
                Participants of an Issue:
                Recent user:
                Randy Zhu (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:
                  Days since last comment:
                  5 years, 30 weeks ago

                  Subcomponents