[opencms-dev] OpenCMS - Cross site scripting

Hegde, Asha Asha.Hegde at TATA-AIG.com
Mon Nov 2 05:17:19 CET 2009


Dear Team,

 

In one of the website it is mentioned that OpenCms is vulnerable to
cross-site scripting, caused by improper validation of user-supplied input
by the users_list.jsp script.

 

Pls confirm whether opencms has released any patch for this vulnerability.

 

Thanks and regards,
Asha Hegde
Project Lead
TATA - AIG (ROS) 
* 6142 3659

IMPORTANT NOTICE: 
The information in this email (and any attachments) is confidential. If you are not the intended recipient, you must not use or disseminate the information. If you have received this email in error, please immediately notify me by "Reply" command and permanently delete the original and any copies or printouts thereof.  Although this email and any attachments are believed to be free of any virus or other defect that might affect any computer system into which it is received and opened, it is the responsibility of the recipient to ensure that it is virus free and no responsibility is accepted by American International Group, Inc. or its subsidiaries or affiliates either jointly or severally, for any loss or damage arising in any way from its use.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://webmail.opencms.org/pipermail/opencms-dev/attachments/20091102/412f4954/attachment.htm>


More information about the opencms-dev mailing list