Homec4science
Diffusion invenio-infoscience ec02244fa270

WebAuthorProfile: fix XSS vulnerability
ec02244fa270
Actions

Authored by Lars Holm Nielsen <lars.holm.nielsen@cern.ch> on May 7 2013, 17:47.

Description

WebAuthorProfile: fix XSS vulnerability

  • Fixes cross-site scripting vulnerability due to lack of escaping variables in output.

Reviewed-by: Tibor Simko <tibor.simko@cern.ch>

Details

Committed
Tibor Simko <tibor.simko@cern.ch>May 8 2013, 15:31
Parents
R3600:eef86c865178: Merge branch 'maint-1.0' into maint-1.1
Branches
Unknown
Tags
Unknown

Event Timeline

Tibor Simko <tibor.simko@cern.ch> committed R3600:ec02244fa270: WebAuthorProfile: fix XSS vulnerability (authored by Lars Holm Nielsen <lars.holm.nielsen@cern.ch>).May 8 2013, 15:31

Changes (1)

Path
Mmodules/webauthorprofile/lib/webauthorprofile_templates.py

R3600:ec02244fa270

View Options

modules/webauthorprofile/lib/webauthorprofile_templates.py

Loading...
c4science ยท Help