Details
-
Bug
-
Status: Closed
-
Blocker
-
Resolution: Fixed
-
2.1
-
None
Description
A Cross-Site Scripting vulnerability was found for Jetspeed allowing anXXS Url attack like the following:
http://localhost:8080/jetspeed/portal/pages/default-page.psml/%22%3e%3cscript%3ealert(%27XSS%20test%27)%3c/script%3e