Loading...

Log In
Closed

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Critical
Component/s: other
Labels:
None
Environment:
Platform: All, OS: All

Hudson 1.295 allows user to type cross-site scriptings(xss) on search-box.
Example:
http://hudson-host/search/?
q=<script>alert('script');</script>&json={"q":+"<script>alert('oops');</script>"
}

Assignee:: Kohsuke Kawaguchi
Reporter:: danielvs
Votes:: 0 Vote for this issue
Watchers:: 0 Start watching this issue

Created:: 2009-04-02 14:33
Updated:: 2011-02-10 19:13
Resolved:: 2009-04-04 10:12

Details

Description

Attachments

Activity

People

Dates