Details

    • Type: Bug
    • Status: Resolved
    • Priority: Critical
    • Resolution: Fixed
    • Component/s: ci-game-plugin
    • Labels:
      None
    • Similar Issues:

      Description

      One of our developers set their username so this was in the config:

      <?xml version='1.0' encoding='UTF-8'?>
      <user>
      <fullName>First Last </a></td><td></td><td>1000000.0</td></tr><tr><td><a href="www.bbc.co.uk"></fullName>

      This could be used for evil javascript injection purposes as well as silly ones.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                ohtake_tomohiro OHTAKE Tomohiro
                Reporter:
                asuffiel Andrew Suffield
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: