Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Hudson » XSS Vulerability issue in Hudson(XSS Vulerability issue in Hudson)
XSS Vulerability issue in Hudson [message #1018342] Wed, 13 March 2013 16:31 Go to next message
Deepak Balan is currently offline Deepak BalanFriend
Messages: 1
Registered: March 2013
Junior Member
Hi

We are facing XSS vulerability issue (Cross site scripting issue) in Hudson. We tried installing the pegdown markup formatter plugin but again the issue persists.

/computer/(master)/load-statistics is the url that shows the security exception.

NB: Read access is given to the Anonymous user



Please let us know of anything can be done to fix the issue


Regards
Deepak
Re: XSS Vulerability issue in Hudson [message #1018511 is a reply to message #1018342] Thu, 14 March 2013 01:05 Go to previous message
Winston Prakash is currently offline Winston PrakashFriend
Messages: 434
Registered: August 2011
Location: Fremont, CA USA
Senior Member
Hi Deepak, I hope you have enabled "Prevent Cross Site Request Forgery exploits" option in the Hudson Configuration page.

Since this is related to security vulnerabilities, let us discuss this offline (winstonDOTprakashATgmailDOTcom)


Winston Prakash
Eclipse Hudson team
Previous Topic:Cannot configure security, ClassNotFoundException: org.acegisecurity.AuthenticationManager
Next Topic:Problems with setting up Git project
Goto Forum:
  


Current Time: Mon Nov 24 01:07:21 GMT 2014

Powered by FUDForum. Page generated in 0.02904 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software