Uploaded image for project: 'Velocity Tools'
  1. Velocity Tools
  2. VELTOOLS-150

VelocityLayoutServlet allows clients to specify "layout" without performing any security checks.

    Details

    • Type: Bug
    • Status: Open
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: 1.4, 2.0
    • Fix Version/s: None
    • Component/s: VelocityView
    • Labels:
    • Environment:
      Velocity 1.7, Velocity Tools 2.0.
      Confirmed also affects Velocity 1.4, Velocity Tools 1.4.

      Attachments

        Activity

          People

          • Assignee:
            Unassigned
            Reporter:
            chris@christopherschultz.net Christopher Schultz
          • Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

            • Created:
              Updated: