Issues
- html error from extension provider loaded directly into adminLDEV-3226Resolved issue: LDEV-3226Zac Spitzer
- Reflected XSS via /rest/ endpointLDEV-3106Pothys - MitrahSoft
- scriptProtect doesn't filter out tag on* attributesLDEV-3050Resolved issue: LDEV-3050
- XSS in CFX Tags in Lucee 5.2.9.31LDEV-3049Resolved issue: LDEV-3049
- XSS in REST error handlerLDEV-3023Resolved issue: LDEV-3023Igal Sapir
- XSS in Java StackTraces, REST error messageLDEV-1693Resolved issue: LDEV-1693Michael Offner
- getSafeHTML() and isSafeHTML() functions missingLDEV-838
7 of 7
