Uploaded image for project: 'Felix'
  1. Felix
  2. FELIX-4746

Escape outputting filter parameter in service servlet

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • webconsole-4.2.6
    • Web Console
    • None

    Description

      The ServicesServlet outputs the value of the filter request parameter as is; this needs escaping otherwise the html output might get destroyed

      Attachments

        Issue Links

          is superceded by

          Bug - A problem which impairs or prevents the functions of the product. FELIX-6132 XSS possible in service console

          • Major - Major loss of function.
          • Closed

          Activity

            People

              cziegeler Carsten Ziegeler
              cziegeler Carsten Ziegeler
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: