Arul Vijay Paulraj (Gooner007)
Tata Consultancy Services

Tata Consultancy Services
Gooner007 Member since 2010 15 posts
Tata Consultancy Services
Posted: May 12, 2017
Last activity: May 16, 2017
Posted: 12 May 2017 12:46 EDT
Last activity: 16 May 2017 0:58 EDT

Cross Site scripting - issue accessing SMA

Our project uses site minder for our login . For Fixing Cross site scripting issue we have worked with our Site minder Team and updated our Site minder Policy to reflect the following

badcsschars='<,',>,%22' .

This fixed our issue of cross site scripting but after this was implemented we are not able to access the Links available inside SMA. ( Agent Management ,Logging and Tracing etc) . By Looking at the source code for the these Links

<A href="#" title="Defines operations and attributes for agent management" oncontextmenu="showMenuHandler('<NODE ID>%22&mbeanVersion=1.0')

We see the Node ID is getting passed between %22 . Anyone able to by pass this issue or any other solution for accessing these links with the cross site scripting fixed?

Thanks in advance.

Low-Code App Development System Administration
Moderation Team has archived post, This thread is closed to future replies. Content and links will no longer be updated. If you have the same/similar Question, please write a new Question.