tracker issue : CF-4126395

Title: Terminology: XSS Attack


Status/Resolution/Reason: Closed/Fixed/

Reporter/Name(from Bugbase): Peter Freitag / Peter Freitag (Peter Freitag)

Created: 03/09/2016

Components: Security Analyzer

Versions: 2016

Failure Type: Usability Issue

Found In Build/Fixed In Build: RC_v31 / CF2016_HF2

Priority/Frequency: Minor / Very few users will encounter

Locale/System: English / Mac All

Vote Count: 0

Listed in the version 2016.0.02.299200 Issues Fixed doc

Problem Description: When Security Analyzer finds an XSS vulnerability, it puts it in a category called "XSS Attack". The word "attack" is not really appropriate here, since "attack" is a verb. A better way to say it would be "XSS Vulnerability" or simply just "XSS".

Steps to Reproduce: Run security analyzer 

Actual Result: Says "XSS Attack". Attack means the vulnerability is currently being exploited or has been exploited.

Expected Result: Simply say "XSS"

Any Workarounds: no

----------------------------- Additional Watson Details -----------------------------

Watson Bug ID:	4126395

External Customer Info:
External Company: Foundeo Inc.
External Customer Name: Peter Freitag
External Customer Email: PETE@FOUNDEO.COM
External Test Config:

Attachments:

Comments:

Adding BUG AUDIT TRAIL ********
action: updated fieldName: Fix By Product Milestone newValue: HF2 oldValue: HF1 oprid: vmannebo recordName: RQ_DEFECT timpestamp: 2016-02-29 12:32:59.0
action: updated fieldName: Priority newValue: 1 oldValue: 0 oprid: hkallae recordName: RQ_DEFECT timpestamp: 2016-02-12 05:49:08.0
action: updated fieldName: Status newValue: ToFix oldValue: Unverified oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:29:55.0
action: updated fieldName: Reason newValue: Blank oldValue: Blank oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:29:55.0
action: updated fieldName: Fix By Product Milestone newValue: HF1 oldValue: Blank oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:29:55.0
action: updated fieldName: QE Assigned newValue: preethi oldValue: mukumar oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:29:55.0
action: updated fieldName: Owner newValue: uogra oldValue: mukumar oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:29:55.0
action: updated fieldName: Version newValue: 12.0 oldValue: 3.1 oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:29:55.0
action: updated fieldName: Fix By Milestone newValue: Post Release oldValue: Blank oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:29:55.0
action: updated fieldName: Product newValue: ColdFusion oldValue: ColdFusion Builder oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:29:55.0
action: updated fieldName: Dev Assigned newValue: uogra oldValue: mchandna oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:29:55.0
action: updated fieldName: Owner newValue: mukumar oldValue: prk oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:26:07.0
action: updated fieldName: Dev Assigned newValue: mchandna oldValue: bukkittu oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:26:07.0
action: updated fieldName: QE Assigned newValue: mukumar oldValue: prk oprid: preethi recordName: RQ_DEFECT timpestamp: 2016-02-10 05:26:07.0
Comment by CFwatson U.
4271 | March 09, 2016 01:55:30 AM GMT
Added By: PreRelease User User Name:Peter Freitag Note Added: Entered Bug. Date Added :2016-02-08 16:53:57.0
Comment by CFwatson U.
4272 | March 09, 2016 01:55:31 AM GMT
Changed the title in Builder too.
Comment by Milan C.
4273 | April 26, 2016 05:58:22 AM GMT
test note
Comment by CFwatson U.
4274 | June 07, 2016 04:18:43 AM GMT
The fix for this bug is available as part of the early-access build for ColdFusion 2016 Update 2.
Comment by CFwatson U.
4275 | June 07, 2016 04:25:23 AM GMT