diff options
author | Frédéric Buclin <LpSolit@gmail.com> | 2012-04-18 18:58:04 +0200 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2012-04-18 18:58:04 +0200 |
commit | 811987d677a4117f09b032e3935aff9accdc133d (patch) | |
tree | d26d58e0f7bd7b41ad86b3cf7c2e8c75a1972c90 /docs/en/xml | |
parent | 8dd0e8193d51f243b547cc0f4f21f5b3a1375ff2 (diff) | |
download | bugzilla-811987d677a4117f09b032e3935aff9accdc133d.tar.gz bugzilla-811987d677a4117f09b032e3935aff9accdc133d.tar.xz |
Bug 745397: (CVE-2012-0466) [SECURITY] The JS template for buglists permits attackers to access all bugs that the victim can see
r=glob a=LpSolit
Diffstat (limited to 'docs/en/xml')
-rw-r--r-- | docs/en/xml/using.xml | 10 |
1 files changed, 0 insertions, 10 deletions
diff --git a/docs/en/xml/using.xml b/docs/en/xml/using.xml index cf59e8d4d..9f4fc2777 100644 --- a/docs/en/xml/using.xml +++ b/docs/en/xml/using.xml @@ -671,16 +671,6 @@ </member> </simplelist> </para> - - <para> - If you would like to access the bug list from another program - it is often useful to have the list returned in something other - than HTML. By adding the ctype=type parameter into the bug list URL - you can specify several alternate formats. Besides the types described - above, the following formats are also supported: ECMAScript, also known - as JavaScript (ctype=js), and Resource Description Framework RDF/XML - (ctype=rdf). - </para> </section> <section id="individual-buglists"> |