Return-Path: Delivered-To: apmail-beehive-dev-archive@www.apache.org Received: (qmail 23450 invoked from network); 9 Jun 2007 16:09:41 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 9 Jun 2007 16:09:41 -0000 Received: (qmail 51806 invoked by uid 500); 9 Jun 2007 16:09:45 -0000 Delivered-To: apmail-beehive-dev-archive@beehive.apache.org Received: (qmail 51800 invoked by uid 500); 9 Jun 2007 16:09:45 -0000 Mailing-List: contact dev-help@beehive.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Beehive Developers" Delivered-To: mailing list dev@beehive.apache.org Delivered-To: moderator for dev@beehive.apache.org Received: (qmail 23026 invoked by uid 99); 8 Jun 2007 12:59:51 -0000 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Message-ID: <22042259.1181307565948.JavaMail.jira@brutus> Date: Fri, 8 Jun 2007 05:59:25 -0700 (PDT) From: "Carlin Rogers (JIRA)" To: dev@beehive.apache.org Subject: [jira] Assigned: (BEEHIVE-1197) XSS Vulnerability in jpfScopeID In-Reply-To: <15167468.1181239406168.JavaMail.jira@brutus> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Virus-Checked: Checked by ClamAV on apache.org [ https://issues.apache.org/jira/browse/BEEHIVE-1197?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Carlin Rogers reassigned BEEHIVE-1197: -------------------------------------- Assignee: Julie Zhuo (was: Carlin Rogers) > XSS Vulnerability in jpfScopeID > ------------------------------- > > Key: BEEHIVE-1197 > URL: https://issues.apache.org/jira/browse/BEEHIVE-1197 > Project: Beehive > Issue Type: Bug > Components: NetUI > Affects Versions: V1Alpha, V1Beta, v1m1, 1.0, 1.0.1, 1.0.2, V.Next > Environment: Any > Reporter: Scott L'Hommedieu > Assignee: Julie Zhuo > Priority: Critical > Fix For: V.Next > > Attachments: patch.txt > > > When a processing a request to a url such as http://xxx/xx.jfp?jpfScopeID="