[ https://issues.apache.org/jira/browse/JS2-1076?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ate Douma resolved JS2-1076.
----------------------------
Resolution: Fixed
Fixed by escaping input values within LoginProxyServlet.
Thanks for the report Radko!
> insecure redirector during login
> --------------------------------
>
> Key: JS2-1076
> URL: https://issues.apache.org/jira/browse/JS2-1076
> Project: Jetspeed 2
> Issue Type: Bug
> Components: Security
> Environment: all
> Reporter: radko keves
> Assignee: Ate Douma
> Fix For: 2.1.4, 2.2.1
>
>
> /jetspeed/login/redirector?token
> token.getToken() added to redirector isn't encoded
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org
|