Changes between Initial Version and Version 1 of Ticket #7272


Ignore:
Timestamp:
May 3, 2011, 8:36:24 AM (8 years ago)
Author:
Scott González
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #7272

    • Property Status changed from new to open
    • Property Summary changed from Autocomplete-combobox has a serious xss vulnerability to Combobox demo: XSS vulnerability
  • Ticket #7272 – Description

    initial v1  
    1 If the elements of the combobox contains any xss, it will be executed when the user try to filter its elements.
    2 
    3 github pullrequest https://github.com/jquery/jquery-ui/pull/158
    4 github commit https://github.com/plentz/jquery-ui/commit/aaa51190ad949c99228f425bbd2bad115977e7b0
     1The values of the select options should be treated as text, not html.