Description
The ConfServlet class has the following code:
```java
String format = request.getParameter(FORMAT_PARAM);
...
} else {
  response.sendError(HttpServletResponse.SC_BAD_REQUEST, "Bad format: " + format);
}
```
As a result, the value of the HTTP parameter is written directly into the servlet container's error page. Echoing this untrusted input allows a reflected cross-site scripting vulnerability. See http://en.wikipedia.org/wiki/Cross-site_scripting for more information.
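One way to harden this path, as an added example that is not Hadoop's own code: validate the parameter against an allowlist of supported formats and send a fixed error text instead of echoing the raw value, and HTML-escape the value if it ever has to be displayed. The class name, the allowlist contents and the "missing parameter means default" rule are assumptions for the example.

```java
import java.util.Locale;
import java.util.Set;

public class SafeFormatParam {
    // Assumed allowlist of the formats the servlet actually supports.
    private static final Set<String> ALLOWED = Set.of("json", "xml");

    /** Escapes the characters that let attacker text break out of an HTML context. */
    static String escapeHtml(String s) {
        StringBuilder sb = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '<':  sb.append("&lt;");   break;
                case '>':  sb.append("&gt;");   break;
                case '&':  sb.append("&amp;");  break;
                case '"':  sb.append("&quot;"); break;
                case '\'': sb.append("&#39;");  break;
                default:   sb.append(c);
            }
        }
        return sb.toString();
    }

    /**
     * Returns null when the format is acceptable (a missing parameter is assumed to
     * mean "use the default"), otherwise a message that is safe to pass to
     * sendError(): it lists the allowed values and never contains the raw input.
     */
    static String validateFormat(String format) {
        if (format == null || ALLOWED.contains(format.toLowerCase(Locale.ROOT))) {
            return null;
        }
        return "Bad format; expected one of " + ALLOWED;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: one valid, one unknown, one containing markup.
        String[] samples = {"json", "yaml", "<b>x</b>"};
        for (String s : samples) {
            String err = validateFormat(s);
            System.out.println(s + " -> " + (err == null ? "OK" : err));
            // Only if the value must be shown to the user, escape it first.
            System.out.println("  escaped form: " + escapeHtml(s));
        }
    }
}
```

The fixed error text is what would replace the `"Bad format: " + format` string in the servlet's `sendError` call.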