Details

    • Type: Bug
    • Status: Closed
    • Resolution: Fixed
    • Affects Version/s: 6.1.0 CE GA1, 6.1.10 EE GA1, 6.2.0 CE M2
    • Component/s: Documents & Media
    • Labels:
    • Environment:
      Tomcat 7.0 + MySQL 5. 6.1.x EE GIT ID: f42f42b68c5e9d8050118a4a6e08172746ba602a.
      Tomcat 7.0 + MySQL 5. 6.2.x GIT ID: afc7e5200242e4db563be2e32eb2755c3172bc91.

      Description

      1. Add Documents and Media portlet.
      2. Click Manege drop menu.
      3. Click Document Types.
      4. Fill <script>alert("xss")</script> in name.
      5. Click Save.

        Attachments

          Issue Links

            Activity

              People

              Assignee:
              mark.jin Mark Jin (Inactive)
              Reporter:
              mark.jin Mark Jin (Inactive)
              Participants of an Issue:
              Recent user:
              Esther Sanz
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Dates

                Created:
                Updated:
                Resolved:
                Days since last comment:
                9 years, 18 weeks, 4 days ago

                  Packages

                  Version Package
                  6.1.10 EE GA1
                  6.1.20 EE GA2
                  --Sprint 11/12
                  6.2.0 CE M2