[jira] [Resolved] (CMIS-943) Hardcoded Domain in HTML in repository.jsp

JIRA Mon, 24 Aug 2015 03:51:13 -0700

     [ 
https://issues.apache.org/jira/browse/CMIS-943?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Florian Müller resolved CMIS-943.
---------------------------------
    Resolution: Won't Fix

> Hardcoded Domain in HTML in repository.jsp
> ------------------------------------------
>
>                 Key: CMIS-943
>                 URL: https://issues.apache.org/jira/browse/CMIS-943
>             Project: Chemistry
>          Issue Type: Bug
>          Components: opencmis-client
>    Affects Versions: OpenCMIS 0.13.0
>            Reporter: Donald Kwakkel
>
> The file repository.jsp references a script using a hardcoded domain name on 
> line 27. If attackers compromise the domain, they will have malicious code on 
> this page.
> Recommendation:
> Keep control over the code your web pages invoke. Do not include scripts or 
> other artifacts from third-party sites.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Resolved] (CMIS-943) Hardcoded Domain in HTML in repository.jsp

Reply via email to