AnsweredAssumed Answered

Alfresco and cross-site attack

Question asked by warrenzhai on Apr 9, 2007
Latest reply on Apr 16, 2007 by rdanner
I am able to upload the following HTML document in Alfresco which may contain some malicious Javascript:


      <script type="text/javascript">
         alert("You have been XSS attacked!");

Users who view this HTML document may inadvertently execute malicious JavaScript code in the background.  I am wondering what can be done to prevent this in Alfresco (1.3).