[JCRVLT-117] Potential XSS problem in org.apache.jackrabbit.vault.util.HtmlProgressListener - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 3.1.28
Component/s: None
Labels:
None

Description

the org.apache.jackrabbit.vault.util.HtmlProgressListener should escape the arguments before it streams them to the stream. the users of the progress listener should not care about the intended output medium.

Attachments

Activity

People

Assignee:: Tobias Bocanegra

Reporter:: Tobias Bocanegra

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 16/May/16 17:59

Updated:: 22/Aug/16 13:44

Resolved:: 16/May/16 19:26