Fixes #4556 : HIGH-LEVEL VULNERABILITY WITHIN MOJARRA JSF V2.2

eclipse-ee4j · May 6, 2019 · a3fa957 · a3fa957
1 parent 999c878
commit a3fa957
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/impl/src/main/java/com/sun/faces/context/PartialViewContextImpl.java b/impl/src/main/java/com/sun/faces/context/PartialViewContextImpl.java
@@ -511,7 +511,7 @@ private void renderState(FacesContext context) throws IOException {
         if (null != window) {
             String clientWindowId = Util.getClientWindowId(context);
             writer.startUpdate(clientWindowId);
-            writer.write(window.getId());
+            writer.writeText(window.getId(), null);
             writer.endUpdate();
         }
     }