SmartClient - Cross-Site Scripting: DOM vulnerabilities reported by static scan

reachsidhu

Registered Developer

Join Date: Jan 2013

Posts: 19
#1

SmartClient - Cross-Site Scripting: DOM vulnerabilities reported by static scan

20 Dec 2016, 11:46

Hello we use the below version of Smartclient

SmartClient Version: v10.0p_2016-02-12/LGPL Development Only (built 2016-02-12)

We submitted our source code for static scan and got the below results back

ISC_History.js(ISC_History.js) - Line No- 73
ISC_History.js(ISC_History.js) - Line No- 73
ISC_RealtimeMessaging.js (ISC_RealtimeMessaging.js)- Line No-33
ISC_RealtimeMessaging.js (ISC_RealtimeMessaging.js)- Line No-33

Please let us know how to get about this
Tags: None
Isomorphic

Administrator

Join Date: May 2006

Posts: 54568
#2

20 Dec 2016, 20:51

Scanners produce spurious results. If you think any of these represent actual exploitable flaws, please put together a working exploit and we'll take a look.
Comment

Previous template Next

Announcement