summaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
authorFrédéric Buclin <LpSolit@gmail.com>2012-04-18 18:58:04 +0200
committerFrédéric Buclin <LpSolit@gmail.com>2012-04-18 18:58:04 +0200
commit811987d677a4117f09b032e3935aff9accdc133d (patch)
treed26d58e0f7bd7b41ad86b3cf7c2e8c75a1972c90 /docs
parent8dd0e8193d51f243b547cc0f4f21f5b3a1375ff2 (diff)
downloadbugzilla-811987d677a4117f09b032e3935aff9accdc133d.tar.gz
bugzilla-811987d677a4117f09b032e3935aff9accdc133d.tar.xz
Bug 745397: (CVE-2012-0466) [SECURITY] The JS template for buglists permits attackers to access all bugs that the victim can see
r=glob a=LpSolit
Diffstat (limited to 'docs')
-rw-r--r--docs/en/xml/using.xml10
1 files changed, 0 insertions, 10 deletions
diff --git a/docs/en/xml/using.xml b/docs/en/xml/using.xml
index cf59e8d4d..9f4fc2777 100644
--- a/docs/en/xml/using.xml
+++ b/docs/en/xml/using.xml
@@ -671,16 +671,6 @@
</member>
</simplelist>
</para>
-
- <para>
- If you would like to access the bug list from another program
- it is often useful to have the list returned in something other
- than HTML. By adding the ctype=type parameter into the bug list URL
- you can specify several alternate formats. Besides the types described
- above, the following formats are also supported: ECMAScript, also known
- as JavaScript (ctype=js), and Resource Description Framework RDF/XML
- (ctype=rdf).
- </para>
</section>
<section id="individual-buglists">