[jira] [Created] (CMIS-943) Hardcoded Domain in HTML in repository.jsp

Donald Kwakkel (JIRA) Mon, 24 Aug 2015 03:44:30 -0700

Donald Kwakkel created CMIS-943:
-----------------------------------

             Summary: Hardcoded Domain in HTML in repository.jsp
                 Key: CMIS-943
                 URL: https://issues.apache.org/jira/browse/CMIS-943
             Project: Chemistry
          Issue Type: Bug
          Components: opencmis-client
    Affects Versions: OpenCMIS 0.13.0
            Reporter: Donald Kwakkel



The file repository.jsp references a script using a hardcoded domain name on 
line 27. If attackers compromise the domain, they will have malicious code on 
this page.

Recommendation:

Keep control over the code your web pages invoke. Do not include scripts or 
other artifacts from third-party sites.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (CMIS-943) Hardcoded Domain in HTML in repository.jsp

Reply via email to