[opencms-dev] OpenCMS - Cross site scripting

[Tobias Herrmann]

Dear Asha,

as stated in the release notes of the current version 7.5.1 of OpenCms 
we have fixed several issue regarding cross-site scripting.

Please see for yourself:  
http://www.opencms.org/en/news/091001_v751_releasenotes.html

Greetings, Tobias


Alkacon Software GmbH - The OpenCms Experts
Tobias Herrmann

http://www.alkacon.com
http://www.opencms.org





Hegde, Asha schrieb:
>
> Dear Team,
>
>  
>
> In one of the website it is mentioned that OpenCms is vulnerable to 
> cross-site scripting, caused by improper validation of user-supplied 
> input by the users_list.jsp script.
>
>  
>
> Pls confirm whether opencms has released any patch for this vulnerability.
>
>  
>
> **Thanks and regards,***
> **Asha Hegde**
> **Project Lead**
> **TATA - AIG (ROS) ****
> *É **6142 3659**
>
> IMPORTANT NOTICE:
> The information in this email (and any attachments) is confidential. 
> If you are not the intended recipient, you must not use or disseminate 
> the information. If you have received this email in error, please 
> immediately notify me by "Reply" command and permanently delete the 
> original and any copies or printouts thereof. Although this email and 
> any attachments are believed to be free of any virus or other defect 
> that might affect any computer system into which it is received and 
> opened, it is the responsibility of the recipient to ensure that it is 
> virus free and no responsibility is accepted by American International 
> Group, Inc. or its subsidiaries or affiliates either jointly or 
> severally, for any loss or damage arising in any way from its use.
> ------------------------------------------------------------------------
>
>
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev