svn commit: r750921 - /tomcat/trunk/webapps/examples/jsp/cal/cal2.jsp

Fri, 06 Mar 2009 06:47:12 -0800 

Author: markt
Date: Fri Mar  6 14:46:47 2009
New Revision: 750921

URL: http://svn.apache.org/viewvc?rev=750921&view=rev
Log:
Fix XSS in examples web application.
This is CVE-2009-0781.
Security page updates and formal announcement to follow.

Modified:
    tomcat/trunk/webapps/examples/jsp/cal/cal2.jsp

Modified: tomcat/trunk/webapps/examples/jsp/cal/cal2.jsp
URL: 
http://svn.apache.org/viewvc/tomcat/trunk/webapps/examples/jsp/cal/cal2.jsp?rev=750921&r1=750920&r2=750921&view=diff
==============================================================================
--- tomcat/trunk/webapps/examples/jsp/cal/cal2.jsp (original)
+++ tomcat/trunk/webapps/examples/jsp/cal/cal2.jsp Fri Mar  6 14:46:47 2009
@@ -35,7 +35,7 @@
 <FORM METHOD=POST ACTION=cal1.jsp>
 <BR> 
 <BR> <INPUT NAME="date" TYPE=HIDDEN VALUE="current">
-<BR> <INPUT NAME="time" TYPE=HIDDEN VALUE=<%= util.HTMLFilter.filter(time) %>
+<BR> <INPUT NAME="time" TYPE=HIDDEN VALUE="<%= util.HTMLFilter.filter(time) 
%>">
 <BR> <h2> Description of the event <INPUT NAME="description" TYPE=TEXT 
SIZE=20> </h2>
 <BR> <INPUT TYPE=SUBMIT VALUE="submit">
 </FORM>



---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

Reply via email to