-
Improvement
-
Resolution: Fixed
-
Major
-
None
-
Platform: All, OS: All
It is possible to inject javascript / use yahoo utils to do ajax requests and
also launch some builds from the user profiles.
In Peaople section > edit a profile
Put as exemple:
<p>Javascript injection</p>
<a href="javascript:alert(document.cookie);">Show Cookies</a>
<p>Some buttons</p>
Buils WTT - CI <a href="/hudson/job/web-test-tools - ci/build?delay=0sec"><img
border="0" title="Schedule a build"
src="/hudson/static/7ef5ac6b/images/16x16/clock.gif"/></a>
<p/>
<img src="http://www.schwimmerlegal.com/smiley.jpg"></img>
- You could also do a simple loop that will launch builds
- send ajax requests to a third party website