Skip to content
Snippets Groups Projects
Commit 08e6f797 authored by Olav Morken's avatar Olav Morken
Browse files

oauth: Fix cross-site scripting.

Failure to escape the user id can be exploited by a malicious IdP
to run scripts in the domain of the oauth host. There is also a
failure to escape data in from the OAuth registry.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2443 44740490-163a-0410-bde0-09ae8108e29a
parent 88e1f09d
No related branches found
No related tags found
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment