[CMIS-943] Hardcoded Domain in HTML in repository.jsp - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Won't Fix
Affects Version/s: OpenCMIS 0.13.0
Fix Version/s: None
Component/s: opencmis-client
Labels:
None

Description

The file repository.jsp references a script using a hardcoded domain name on line 27. If attackers compromise the domain, they will have malicious code on this page.

Recommendation:

Keep control over the code your web pages invoke. Do not include scripts or other artifacts from third-party sites.

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Donald Kwakkel

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 24/Aug/15 10:42

Updated:: 24/Aug/15 10:56

Resolved:: 24/Aug/15 10:50