Details
-
Bug
-
Status: Resolved
-
Minor
-
Resolution: Fixed
-
1.6.3, 2.0.2, 2.1.3, 2.2.3, 2.3.4, 2.4.4, 3.0.0
-
None
Description
I'm not sure if it's possible to exploit, but, the following code in RESTSubmissionServer's ErrorServlet.service is a little risky as it includes user-supplied path input in the error response. We don't want to let a link determine what's in the resulting HTML.
val path = request.getPathInfo ... var msg = parts match { ... case _ => // never reached s"Malformed path $path." } msg += s" Please submit requests through http://[host]:[port]/$serverVersion/submissions/..." val error = handleError(msg)
Attachments
Issue Links
- links to