Closed GoogleCodeExporter closed 8 years ago
First, I acknowledge the issue.
I think that the fix should be to have an escaped rendering.
I will fix that shortly.
Many thanks for the report.
Original comment by evernat@free.fr
on 26 Sep 2013 at 10:01
It is now fixed.
It's committed in trunk (revision 3515) and it's ready for the next release
(1.47).
If you need it, I have made a new build including the fix and it's available
for your webapp at:
https://javamelody.googlecode.com/files/javamelody-20130927.jar
Note that the release 1.47, including that fix, is supposed to be released in
just a few days from now.
Original comment by evernat@free.fr
on 26 Sep 2013 at 10:22
And the new build of the plugin for JIRA, Confluence and Bamboo is available at:
https://javamelody.googlecode.com/files/jira-javamelody-20130927.jar
Original comment by evernat@free.fr
on 26 Sep 2013 at 10:33
Thank you for the fast fix.
I requestes a CVE ID for the issue. We can refer to it as CVE-2013-4378.
Rafa
Original comment by rafael.l...@osoco.es
on 27 Sep 2013 at 8:31
CVE is available at
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4378
Original comment by evernat@free.fr
on 2 Oct 2013 at 7:03
Original issue reported on code.google.com by
rafael.l...@osoco.es
on 26 Sep 2013 at 4:48