#24 Overview and fix spots vulnurable for XSS attacks - Grails Crowd

Type	To find
responsible:me	tickets assigned to you
tagged:"@high"	tickets tagged @high
milestone:next	tickets in the upcoming milestone
state:invalid	tickets with the state invalid
created:"last week"	tickets created last week
sort:number, importance, updated	tickets sorted by #, importance or updated
Combine keywords for powerful searching.
Use advanced searching »

#24 ✓resolved

Overview and fix spots vulnurable for XSS attacks

Reported by dima767 (at gmail) | February 26th, 2009 @ 08:37 AM | in 1.2.1

It was noted that there was an instance where an account was create an was able to inject a js text into the member.about field. Need to review such spots in the application where such an injection is possible and prevent it by means of Grails html escaping, etc.

Comments and changes to this ticket

dima767 (at gmail) May 24th, 2009 @ 05:40 PM
- State changed from “new” to “resolved”

Please Sign in or create a free account to add a new ticket.

With your very own profile, you can contribute to projects, track your activity, watch tickets, receive and update tickets through your email and much more.

Create new ticket

Create your profile

Help contribute to this project by taking a few moments to create your personal profile. Create your profile »

Online community for Grails developers worldwide

People watching this ticket

dima767 (at gmail)

Gc Grails Crowd → 1.2.1

New Billing System

Overview and fix spots vulnurable for XSS attacks

Comments and changes to this ticket

dima767 (at gmail) May 24th, 2009 @ 05:40 PM

Create your profile

People watching this ticket

Tags

Pages

Gc Grails Crowd → 1.2.1

New Billing System

Keyword searching

Overview and fix spots vulnurable for XSS attacks

Comments and changes to this ticket

dima767 (at gmail) May 24th, 2009 @ 05:40 PM

Create your profile

People watching this ticket

Tags

Pages