[zope2-tracker] [Bug 502572] Re: XSS cross scripting context.restrictedTraverse
Hanno Schlichting
hanno at hannosch.eu
Sun Jun 13 12:10:16 EDT 2010
Indeed, you shouldn't take untrusted data like query strings and use
them unconditionally in your code. Proper quoting in your script is in
order here.
** Changed in: zope2
Status: New => Invalid
** Visibility changed to: Public
** This bug is no longer flagged as a security vulnerability
--
XSS cross scripting context.restrictedTraverse
https://bugs.launchpad.net/bugs/502572
You received this bug notification because you are a member of Zope 2
Developers, which is subscribed to Zope 2.
More information about the zope2-tracker
mailing list