diff options
author | Frédéric Buclin <LpSolit@gmail.com> | 2012-04-18 19:00:42 +0200 |
---|---|---|
committer | Frédéric Buclin <LpSolit@gmail.com> | 2012-04-18 19:00:42 +0200 |
commit | af3e4c43b0ad6267669d2e987d6ae3acdde70253 (patch) | |
tree | 00198b476d3e16235d38b5c92e8d83a074fff41d /docs/en/xml | |
parent | 935031c50d693cb8d8a1c4c8e1567df6310766da (diff) | |
download | bugzilla-af3e4c43b0ad6267669d2e987d6ae3acdde70253.tar.gz bugzilla-af3e4c43b0ad6267669d2e987d6ae3acdde70253.tar.xz |
Bug 745397: (CVE-2012-0466) [SECURITY] The JS template for buglists permits attackers to access all bugs that the victim can see
r=glob a=LpSolit
Diffstat (limited to 'docs/en/xml')
-rw-r--r-- | docs/en/xml/using.xml | 10 |
1 files changed, 0 insertions, 10 deletions
diff --git a/docs/en/xml/using.xml b/docs/en/xml/using.xml index 6d575c0c1..3bf0558fc 100644 --- a/docs/en/xml/using.xml +++ b/docs/en/xml/using.xml @@ -659,16 +659,6 @@ </member> </simplelist> </para> - - <para> - If you would like to access the bug list from another program - it is often useful to have the list returned in something other - than HTML. By adding the ctype=type parameter into the bug list URL - you can specify several alternate formats. Besides the types described - above, the following formats are also supported: ECMAScript, also known - as JavaScript (ctype=js), and Resource Description Framework RDF/XML - (ctype=rdf). - </para> </section> <section id="individual-buglists"> |