#3011 closed defect (fixed)
XhrIframeProxy: xip_client.html and xip_server.html have inadequate protections for XSS
Reported by: | James Burke | Owned by: | James Burke |
---|---|---|---|
Priority: | high | Milestone: | |
Component: | IO | Version: | 0.4.1 |
Keywords: | Cc: | ||
Blocked By: | Blocking: |
Description
xip_client.html and xip_server.html have weaknesses that could allow for certain types of cross site scripting attacks. The issues started in 0.4.1.
Note: See
TracTickets for help on using
tickets.
(In [8610]) Fixes #3011.