Flash Security Risk - Githubissues

davideuler / gitblit

Automatically exported from code.google.com/p/gitblit

Apache License 2.0

0 stars 0 forks source link

Flash Security Risk #498

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

Description:
    allowScriptAccess=”always” for a flash object is dangereous because it can allow a cross domain privilege escalation or script injection.
Expected Output:
    The value of the flash object's allowScriptAccess attribute should be sameDomain.
Environment:
    Gitblit Version 1.6.0 running on rhel 6 / tomcat 7 / apache httpd 2.2 with proxy ajp

Original issue reported on code.google.com by 1988pors...@gmail.com on 5 Sep 2014 at 1:46

GoogleCodeExporter commented 9 years ago

https://dev.gitblit.com/tickets/gitblit.git/165
Fix pushed to master & develop.

Original comment by James.Mo...@gmail.com on 5 Sep 2014 at 7:06

Changed state: Queued
Added labels: Milestone-1.6.1

GoogleCodeExporter commented 9 years ago

v1.6.1 released

Original comment by James.Mo...@gmail.com on 20 Oct 2014 at 9:36

Changed state: Done