Eclipse Community Forums: Hudson » XSS Vulerability issue in Hudson

Help

Home

Home » Eclipse Projects » Hudson » XSS Vulerability issue in Hudson(XSS Vulerability issue in Hudson)

Show: Today's Messages :: Show Polls :: Message Navigator

XSS Vulerability issue in Hudson [message #1018342]

Wed, 13 March 2013 16:31

Deepak Balan

Messages: 1
Registered: March 2013

Junior Member

Hi

We are facing XSS vulerability issue (Cross site scripting issue) in Hudson. We tried installing the pegdown markup formatter plugin but again the issue persists.

/computer/(master)/load-statistics is the url that shows the security exception.

NB: Read access is given to the Anonymous user

Please let us know of anything can be done to fix the issue

Regards
Deepak

Report message to a moderator

Re: XSS Vulerability issue in Hudson [message #1018511 is a reply to message #1018342]

Thu, 14 March 2013 01:05

Winston Prakash

Messages: 534
Registered: August 2011
Location: Fremont, CA USA

Senior Member

Hi Deepak, I hope you have enabled "Prevent Cross Site Request Forgery exploits" option in the Hudson Configuration page.

Since this is related to security vulnerabilities, let us discuss this offline (winstonDOTprakashATgmailDOTcom)

Winston Prakash
Eclipse Hudson team

Report message to a moderator

Previous Topic:	Cannot configure security, ClassNotFoundException: org.acegisecurity.AuthenticationManager
Next Topic:	Problems with setting up Git project

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Tue Oct 20 13:00:42 GMT 2020

.:: Contact :: Home ::.

Breadcrumbs

Sign up to our Newsletter