Code commits
Openfire (master)
-
Greg Thomas <greg.d.thomas@gmail.com> b09d67c1ffc884c5fa8009775a2245859c2d8b09
Fix XSS issue in use of ListPager
- xmppserver/src/main/java/org/jivesoftware/util/ListPager.java (version b09d67c1ffc884c5fa8009775a2245859c2d8b09)
-
Greg Thomas <greg.d.thomas@gmail.com> b73b5482d8cf3d3b858329b9dadbba45ccdcb844
Fix XSS issue in System Properties page
- xmppserver/src/main/java/org/jivesoftware/admin/servlet/SystemPropertiesServlet.java (version b73b5482d8cf3d3b858329b9dadbba45ccdcb844)
-
Greg Thomas <greg.d.thomas@gmail.com> f2b366ea42c17b77fc7985a5a15fbd6808f2f7c9
Fix XSS issue in System Cache Details page
- xmppserver/src/main/java/org/jivesoftware/admin/servlet/SystemCacheDetailsServlet.java (version f2b366ea42c17b77fc7985a5a15fbd6808f2f7c9)
-
Greg Thomas <greg.d.thomas@gmail.com> 177d1d9fbf0283c7403dd30dc4d34faa25796dac
Fix XSS issue in security truststore page
- xmppserver/src/main/webapp/security-truststore.jsp (version 177d1d9fbf0283c7403dd30dc4d34faa25796dac)
-
Andrea Luciani <guest.luciani.a@IGT.com> b19e6638e0cb736b4b6904a158fcdfa05be260e3
OF-532: Fixed by including sessions with non-negative priority=0 see https://tools.ietf.org/html/rfc6121#section-8.5.3.2.1
- xmppserver/src/main/java/org/jivesoftware/openfire/MessageRouter.java (version b19e6638e0cb736b4b6904a158fcdfa05be260e3)
-
tomatis <tomatis@users.noreply.github.com> 4098670c33679a60af549a409ca942ffd20bb522
Update ScramSha1SaslServer.java
Logging username in case of authfail- xmppserver/src/main/java/org/jivesoftware/openfire/sasl/ScramSha1SaslServer.java (version 4098670c33679a60af549a409ca942ffd20bb522)