Security-related issue reported by Mark Doliner at August 17, 2010.

Description

Mark Doliner reported a security-related issue in an email sent to security at Ignite, on August 17, 2010. This issue must be addressed.

The content of his emails have been documented in this JIRA issue, but are visible to the relevant developers only.

None

Show:

Unless I can reproduce a related issue, I'm considering this issue resolved.

On a side-note: future XML parsing should be done by specialized third-party libraries, not our code. Something to consider for a future release.

Fixed

Created August 22, 2010 at 8:02 AM

Updated March 24, 2014 at 8:05 AM

Resolved November 13, 2012 at 8:43 PM