Uploaded image for project: 'Jackrabbit Content Repository'
  1. Jackrabbit Content Repository
  2. JCR-3630

XSS in DirListingExportHandler

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.0.5, 2.2.13, 2.4.4, 2.6.2
    • 0.9, 2.4.5, 2.6.3, 2.7.1
    • jackrabbit-jcr-server
    • None

    Description

      lars krapf reported an XSS in the DirListingExportHandler and provided the attached patch.

      Attachments

        1. jackrabbit_dirlisting_patch.txt
          1 kB
          Angela Schreiber

        Issue Links

          is cloned by

          Bug - A problem which impairs or prevents the functions of the product. JCR-3950 XSS in DirListingExportHandler

          • Major - Major loss of function.
          • Closed
          relates to

          Improvement - An improvement or enhancement to an existing feature or task. SLING-3262 Upgrade embedded jackrabbit-jcr-server version in o.a.s.jcr.webdav

          • Major - Major loss of function.
          • Closed

          Activity

            People

              Unassigned Unassigned
              angela Angela Schreiber
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: