Skip to main content


Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Archived » Hudson » XSS Vulerability issue in Hudson(XSS Vulerability issue in Hudson)
XSS Vulerability issue in Hudson [message #1018342] Wed, 13 March 2013 16:31 Go to next message
Deepak Balan is currently offline Deepak BalanFriend
Messages: 1
Registered: March 2013
Junior Member
Hi

We are facing XSS vulerability issue (Cross site scripting issue) in Hudson. We tried installing the pegdown markup formatter plugin but again the issue persists.

/computer/(master)/load-statistics is the url that shows the security exception.

NB: Read access is given to the Anonymous user



Please let us know of anything can be done to fix the issue


Regards
Deepak

Report message to a moderator

Re: XSS Vulerability issue in Hudson [message #1018511 is a reply to message #1018342] Thu, 14 March 2013 01:05 Go to previous message
Winston Prakash is currently offline Winston PrakashFriend
Messages: 534
Registered: August 2011
Location: Fremont, CA USA
Senior Member
Hi Deepak, I hope you have enabled "Prevent Cross Site Request Forgery exploits" option in the Hudson Configuration page.

Since this is related to security vulnerabilities, let us discuss this offline (winstonDOTprakashATgmailDOTcom)

Winston Prakash
Eclipse Hudson team

Report message to a moderator

Previous Topic:Cannot configure security, ClassNotFoundException: org.acegisecurity.AuthenticationManager
Next Topic:Problems with setting up Git project
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Wed Apr 24 19:06:44 GMT 2024

Powered by FUDForum. Page generated in 0.03234 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly