Cross-Site Scripting: Reflected #1211

QiAnXinCodeSafe · 2020-03-05T06:22:41Z

elide/elide-spring/elide-spring-boot-autoconfigure/src/main/java/com/yahoo/elide/spring/controllers/SwaggerController.java

Line 84 in 6806068

public ResponseEntity<String> list(@PathVariable("name") String name) {

elide/elide-spring/elide-spring-boot-autoconfigure/src/main/java/com/yahoo/elide/spring/controllers/SwaggerController.java

Line 89 in 6806068

return ResponseEntity.status(404).body("Unknown document: " + name);

Sending unvalidated data to a web browser can result in the browser executing malicious code.

aklish · 2020-03-24T19:50:38Z

Fixed in #1221

Co-authored-by: Aaron Klish <[email protected]>

aklish pushed a commit that referenced this issue Mar 20, 2020

Fixes Issue #1211

d6809a0

aklish mentioned this issue Mar 20, 2020

Fixes Issue #1211 #1221

Closed

aklish closed this as completed Mar 24, 2020

aklish mentioned this issue Mar 26, 2020

Fixes Issue #1211 #1237

Merged

aklish added a commit that referenced this issue Mar 26, 2020

Fixes Issue #1211 (#1237)

d56cf07

Co-authored-by: Aaron Klish <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Cross-Site Scripting: Reflected #1211

Cross-Site Scripting: Reflected #1211

QiAnXinCodeSafe commented Mar 5, 2020

aklish commented Mar 24, 2020

Cross-Site Scripting: Reflected #1211

Cross-Site Scripting: Reflected #1211

Comments

QiAnXinCodeSafe commented Mar 5, 2020

aklish commented Mar 24, 2020