src/web/setup · ee307ce725d51e52f8626b4d8e500cd9d74a4c0f · Administrator / Openfire

Fix several security issues in 4.2 (#929) · 7ff1f730

Dave Cridland authored Nov 16, 2017

* OF-1417 CVE-2017-15911 Fix XSS issues in host setup

* OF-1329 Prevent session fixation attack

* OF-1403 Escape group name in MUC admin

* OF-1393 Make randomString more random

* OF-1400 Escape servername field

* OF-1401 Validate SMS host and escape error message

7ff1f730

Name	Last commit	Last update
..
index.jsp		Loading commit data...
ldap-group.jspf		Loading commit data...
ldap-server.jspf		Loading commit data...
ldap-user.jspf		Loading commit data...
setup-admin-settings.jsp		Loading commit data...
setup-admin-settings_test.jsp		Loading commit data...
setup-completed.jsp		Loading commit data...
setup-datasource-jndi.jsp		Loading commit data...
setup-datasource-settings.jsp		Loading commit data...
setup-datasource-standard.jsp		Loading commit data...
setup-env-check.jspf		Loading commit data...
setup-finished.jsp		Loading commit data...
setup-host-settings.jsp		Loading commit data...
setup-ldap-group.jsp		Loading commit data...
setup-ldap-group_test.jsp		Loading commit data...
setup-ldap-server.jsp		Loading commit data...
setup-ldap-server_test.jsp		Loading commit data...
setup-ldap-user.jsp		Loading commit data...
setup-ldap-user_test.jsp		Loading commit data...
setup-profile-settings.jsp		Loading commit data...
setup-style.css		Loading commit data...

Download source code

Download this directory