Skip to main content


Eclipse Community Forums

      Home
Home » Archived » BIRT » Will vulnerability be addressed in v4.9?(Security Question)
Will vulnerability be addressed in v4.9? [message #1843419] Wed, 28 July 2021 11:28
Eclipse UserFriend
When looking into using BIRT for our organization, our team ran across this vulnerability on the National Vulnerability Database:

"In Eclipse BIRT version 4.8.0 and earlier, an attacker can use query parameters to create a JSP file which is accessible from remote (current BIRT viewer dir) to inject JSP code into the running instance."

Is this something that will be addressed in v4.9 or is there a preventative measure we can take for v4.8?

Thanks!
Previous Topic:Change display text on parameter
Next Topic:NULL issue
Goto Forum:
  


Current Time: Sun Jul 20 18:26:19 EDT 2025

Powered by FUDForum. Page generated in 0.02868 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software

Back to the top

Sign up to our Newsletter

A fresh new issue delivered monthly