Johannes Fahrenkrug of Springenwerk Consulting reported a cross-site scripting issue in the jboss.com site to a Red Hat associate at a conference. This issue affects the loginscreen module. Example: https://www.jboss.com/index.html?op=loginscreen&module=user&url=%22%3E%3Ch1%3Eboo%3C/h1
Was fixed 20071102, but regressed during jboss.com outage over the weekend
Red Hat would like to thank Johannes Fahrenkrug of Springenwerk Consulting for reporting this issue.
Fixed again 20071107
*** Bug 531712 has been marked as a duplicate of this bug. ***
*** Bug 531705 has been marked as a duplicate of this bug. ***