myfaces-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Udo Schnurpfeil (JIRA)" <...@myfaces.apache.org>
Subject [jira] [Created] (TOBAGO-1839) Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3 - CVE-2015-6748
Date Thu, 04 Jan 2018 16:14:00 GMT
Udo Schnurpfeil created TOBAGO-1839:
---------------------------------------

             Summary: Cross-site scripting (XSS) vulnerability in jsoup before 1.8.3 - CVE-2015-6748
                 Key: TOBAGO-1839
                 URL: https://issues.apache.org/jira/browse/TOBAGO-1839
             Project: MyFaces Tobago
          Issue Type: Task
          Components: Core
    Affects Versions: 3.0.6, 2.1.0
            Reporter: Udo Schnurpfeil
            Assignee: Udo Schnurpfeil


Tobago uses jsoup by default. But the dependency can be updated to a newer version in the
application which uses Tobago.
The next releases should reference an updated version of jsoup.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message