Security issue with YUI 2.8.0

XMLWordPrintable

    • Type: Defect
    • Resolution: Done
    • Priority: Major
    • 1.3.3
    • Affects Version/s: 1.2.0, 1.3.0, 1.3.1, 1.3.2
    • Component/s: None
    • None

      The vulnerability has been identified by JPL security as High. The vulnerability is stated as "Flash Parameter allowScriptAccess is set to Always". The fix is to change the following '<param name="allowScriptAccess" value="always">' in:

      /usr/local/gateway/apache-tomcat/webapps/ROOT/js/yui/2.8.0/build/connection/connection-min.js

      to:

      '<param name="allowScriptAccess" value="sameDomain">'

              Assignee:
              Nathan Wilhelmi (Inactive)
              Reporter:
              Luca Cinquini (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              0 Start watching this issue

                Created:
                Updated:
                Resolved: