Uploaded image for project: 'XWiki Platform'
  1. XWiki Platform
  2. XWIKI-9147

Secure the HTML macro

    XMLWordPrintable

Details

    • Unknown
    • N/A
    • N/A

    Description

      Right now we have many XSS flaws because almost anything can be done with the HTML macro. So the idea is to restrict the things that non-PR users can do with the macro.

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. XWIKI-9118 XSS in restricted context via html macro

          • Blocker - Blocks development and/or testing work, production could not run.
          • Closed

          Activity

            People

              surli Simon Urli
              thomas_delafosse Thomas Delafosse
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: