[ http://jira.codehaus.org/browse/CONTINUUM-2620?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=263124#action_263124 ]

efraim lorenz longkines edited comment on CONTINUUM-2620 at 4/11/11 1:28 AM:
-----------------------------------------------------------------------------

Will be adding additional validation for every action class' validation.xml and will be using regex to check if the user's input is not a possible XSS attack.

was (Author: elongkines):
Will be adding additional validation for every action class' validation.xml and will be using regex to check if the user's input is valid.

> Fix CSRF vulnerability in Continuum
> -----------------------------------
>
> Key: CONTINUUM-2620
> URL: http://jira.codehaus.org/browse/CONTINUUM-2620
> Project: Continuum
> Issue Type: Task
> Reporter: efraim lorenz longkines
> Fix For: 1.3.8
>
>
> Right now, Continuum is vulnerable to cross-site scripting. See REDBACK-275 and REDBACK-276.