Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Analysis of indirect subclasses of HttpServlet for XSS #137

Merged
merged 1 commit into from
Dec 11, 2015

Conversation

formanek
Copy link
Contributor

@formanek formanek commented Dec 6, 2015

Now it detects many more bugs. But I think it would be still better not to rely on this and check presence of response.getWriter().println() directly.

h3xstream added a commit that referenced this pull request Dec 11, 2015
Analysis of indirect subclasses of HttpServlet for XSS
@h3xstream h3xstream merged commit b1c95c2 into find-sec-bugs:master Dec 11, 2015
@h3xstream h3xstream added the enhancement New feature or improvement to existing detector. label Jan 27, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or improvement to existing detector.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants