0

unsafe html component in Zorum

asked 2009-01-23 08:11:02 +0800

robertlee gravatar image robertlee
561

there is a piece of code in zorum's search/comment.zul:

<separator spacing="2px"/>					
<html content="${each.body}"/>
<separator spacing="5px"/>

so if you do a search of: postby : peterkuo
you get an iframe displayed in the comment.zul.

delete flag offensive retag edit
Be the first one to reply this discussion!
Please start posting your answer anonymously - your answer will be saved within the current session and published after you log in or create a new account. Please try to give a substantial answer, for discussions, please use comments and please do remember to vote (after you log in)!

[hide preview]

Question tools

Follow

RSS

Stats

Asked: 2009-01-23 08:11:02 +0800

Seen: 10 times

Last updated: Jan 23 '09

Support Options
  • Email Support
  • Training
  • Consulting
  • Outsourcing
Learn More