Apache Allura™

Forge software for hosting software projects

Brought to you by: alexluberg, brondsem, deshani, dill0wn, and 10 others

#7571 XSS? on forum

Milestone: unreleased

Status: invalid

Owner: nobody

Labels: None

Component: Forum

Reviewer: nobody

Updated: 2015-03-10

Created: 2014-07-16

Creator: Shuji Sado

Private: No

http://sourceforge.net/p/passwordsafe/discussion/134801/thread/8bc859a2/

please check.

Discussion

Dave Brondsema - 2014-07-16

status: open --> invalid
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Dave Brondsema - 2014-07-16

I see no XSS here. If you have an example where javascript runs, please provide it. In this case, input form fields are rendered, but no javascript runs. See also [#4644] for removing form fields from the HTML whitelist.

Related

Tickets: ~~#4644~~

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.