Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Medium
Fix Version/s: 2.7.3
Affects Version/s: 2.0.3, 2.1.5, 2.2.10, 2.3.3, 2.4.5, 2.5.8, 2.6.2, 2.7.2
Component/s: None
Labels:
- affects-server
- security

Vulnerable URL's:

signup.action
dosignup.action

on username, email, password, confirm, fullname

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List

common-signup.vm
14/Mar/2008 5:03 AM
3 kB
dave

is blocked by

CONFSERVER-9627 Velocity does not automatically escape HTML entities when substituting variables

Closed

Assignee:: dave (Inactive)
Reporter:: dave (Inactive)
Votes:: 0 Vote for this issue
Watchers:: 0 Start watching this issue

Created:: 10/Mar/2008 4:58 AM
Updated:: 11/Oct/2018 8:39 AM
Resolved:: 14/Mar/2008 4:59 AM