Details
Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 5.1.0.5
Description
The calendar component provided in Tapestry 5.1.0.5 could be used to allow code injection by malicious web users into any page that uses DateField.
To reproduce the vulnerability, put JS code like <script>alert("T5 is great"); </script> in any DateField and click on the related calendar bitmap.
After a quick search in DateField.js, it seems the field value is not escaped.
Escaping the field value with a change like var value = escape($F(this.field)); seems to solve this vulnerability.