mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-06-30 18:15:39 +00:00
c993293931
93834: Merged 5.0.N (5.0.1) to HEAD-BUG-FIX (5.1/Cloud)
93734: Merged V4.2-BUG-FIX (4.2.5) to 5.0.N (5.0.1)
- SOURCE/root/projects/remote-api/config/alfresco/templates/webscripts/org/alfresco/collaboration/calendar.get.html.ftl
was removed from 5.0 as part of an EOL activity
93559: Merged V4.2.4 (4.2.4) to V4.2-BUG-FIX (4.2.5)
93544: Merged DEV to V4.2.4 (4.2.4)
93482: MNT-13174: /share/service/components/form {htmlid} unsanitized: XSS vulnerability
- Add html escape to avoid XSS vulnerability
93545: Merged DEV to V4.2.4 (4.2.4)
93508 : MNT-13177 : /alfresco/wcservice/search/keyword {l} unsanitized: XSS vulnerability
- Escape search.localeId property
93549: Merged DEV to V4.2.4 (4.2.4)
93540 : MNT-13173 : /share/service/components/form {destination} unsanitized: XSS vulnerability
- Add html escape to avoid XSS vulnerability
93555: Merged DEV to V4.2.4 (4.2.4)
93476: MNT-13178: /alfresco/wcservice/api/search/person {l} unsanitized: XSS vulnerability
- Add url escape to avoid XSS vulnerability
93556: Merged DEV to V4.2.4 (4.2.4)
93477: MNT-13176 : /alfresco/wcservice/collaboration/calendar {nodeRef} unsanitized: XSS vulnerability
- Added ?html built-in processing for nodeRef argument.
93718: Merged V4.2.4 (4.2.4) to V4.2-BUG-FIX (4.2.5)
93671: Merged DEV to PATCHES/V4.2.4 (4.2.4)
93661: MNT-13180: go through all API URI and confirm all parameters are sanitized
- Add unit test that checks all webscripts for sanitized parameters
93672: MNT-13190: /alfresco/wcservice/sample/blog/search {q} unsanitized: XSS vulnerability
Add html escape to fix XSS vulnerability
93691: MNT-13190: /alfresco/wcservice/sample/blog/search {q} unsanitized: XSS vulnerability
Patch imported blogsearch template
git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@94995 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261