The RemObjects SDK for Delphi v220.127.116.11 is vulnerable to reflected Cross Site Scripting (XSS) attack.
Thanks, logged as bugs://78944
bugs://78944 got closed with status fixed.
generated html is:
<html><head><title>Error</title></head><body><font size=7>Error</font><br />An error occurred generating WSDL: Invalid TargetEntity "<script>alert('bla-bla-bla');</script>"</body></html>
May I know the version in which this vulnerability will get the fix ?
Does this vulnerability has any vulnerability candidate identity ?
Fix will be in this week’s beta
all other possible places for this vulnerability also should be fixed.
Thanks EvgenyK for prompt reply.